CVE-2026-10283

MEDIUM WAF: Low

CVSS 6.3 Published: 2026-06-01

CWE-287

A vulnerability was detected in Bottelet DaybydayCRM up to 2.2.1. Affected is an unknown function of the component Setting Handler. Performing a manipulation results in missing authentication. Remote exploitation of the attack is possible. It is recommended to apply a patch to fix this issue.

WAF Coverage Analysis

Improper Authentication Low WAF Coverage

OWASP: A07:2021 Identification and Authentication Failures

References

github.com
github.com
github.com
vuldb.com
vuldb.com
vuldb.com
vuldb.com
vuldb.com

Back to CVE Database