CVE-2026-10283

Published: Giu 01, 2026 Last Modified: Giu 01, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM 6,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: low
MEDIUM 6,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: single
Confidentiality: partial
Integrity: partial
Availability: partial

Description

AI Translation Available

A vulnerability was detected in Bottelet DaybydayCRM up to 2.2.1. Affected is an unknown function of the component Setting Handler. Performing a manipulation results in missing authentication. Remote exploitation of the attack is possible. It is recommended to apply a patch to fix this issue.

287

Improper Authentication

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability Access Control
Potential Impacts:
Read Application Data Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies: Not Technology-Specific, Web Based, ICS/OT
Likelihood of Exploit: High
View CWE Details
306

Missing Authentication for Critical Function

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Other
Potential Impacts:
Gain Privileges Or Assume Identity Varies By Context
Applicable Platforms
Technologies: Cloud Computing, ICS/OT
Likelihood of Exploit: High
View CWE Details
https://github.com/Bottelet/DaybydayCRM/
https://github.com/Bottelet/DaybydayCRM/
https://github.com/Bottelet/DaybydayCRM/issues/348
https://github.com/Bottelet/DaybydayCRM/issues/348
https://github.com/Bottelet/DaybydayCRM/pull/363
https://github.com/Bottelet/DaybydayCRM/pull/363
https://vuldb.com/cve/CVE-2026-10283
https://vuldb.com/cve/CVE-2026-10283
https://vuldb.com/submit/825442
https://vuldb.com/submit/825442
https://vuldb.com/submit/825443
https://vuldb.com/submit/825443
https://vuldb.com/vuln/367576
https://vuldb.com/vuln/367576
https://vuldb.com/vuln/367576/cti
https://vuldb.com/vuln/367576/cti