CVE-2026-10282 | Bottelet DaybydayCRM up to 2.2.1 DocumentsController.php view improper authorization (Issue 347)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability was found in Bottelet DaybydayCRM up to 2.2.1 and classified as problematic. This impacts the function view of the file app/Http/Controllers/DocumentsController.php. Such manipulation leads to improper authorization.

This vulnerability is traded as CVE-2026-10282. The attack may be launched remotely. There is no exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-10282 | Bottelet DaybydayCRM up to 2.2.1 DocumentsController.php view improper authorization (Issue 347)

Post correlati

CVE-2025-13243 | code-projects Student Information System 2.0 /editprofile.php sql injection

CVE-2024-5942 | Page and Post Clone Plugin up to 6.0 on WordPress resource injection

CVE-2025-13728 | FluentAuth Plugin up to 2.0.3 on WordPress Shortcode fluent_auth_reset_password cross site scripting

CVE-2025-64623 | Adobe Experience Manager up to 6.5.23 cross site scripting (apsb25-115)