CVE-2026-10282 | Bottelet DaybydayCRM up to 2.2.1 DocumentsController.php view improper authorization (Issue 347)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability was found in Bottelet DaybydayCRM up to 2.2.1 and classified as problematic. This impacts the function view of the file app/Http/Controllers/DocumentsController.php. Such manipulation leads to improper authorization.

This vulnerability is traded as CVE-2026-10282. The attack may be launched remotely. There is no exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-10282 | Bottelet DaybydayCRM up to 2.2.1 DocumentsController.php view improper authorization (Issue 347)

Post correlati

CVE-2024-39173 | calculator-boilerplate 1.0 /routes/calculator.js eval input injection

CVE-2024-9441 | Linear eMerge e3-Series up to 1.00-07 forgot_password login_id os command injection

CVE-2026-3465 | Tuya App/SDK 24.07.11 on Android JSON Data Point cruise_time denial of service

CVE-2026-31428 | Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10 netfilter __build_packet_message uninitialized pointer