Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cipplanner vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-11586
An XXE issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data.
Cipplanner Cipace
9.8
CVSSv3
CVE-2020-11597
An issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner.
Cipplanner Cipace
9.8
CVSSv3
CVE-2020-11598
An issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. Upload.ashx allows remote malicious users to execute arbitrary code by uploading and executing an ASHX file.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11587
An issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the content of ETL Processes running on the server.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11593
An issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request with injected HTML data that is later leveraged to send emails from a customer trusted email address.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11589
An Insecure Direct Object Reference issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make a GET request to a certain URL and obtain information that should be provided to authenticated users only.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11592
An issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the columns of a specific table within the CIP database.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11599
An issue exists in CIPPlanner CIPAce 6.80 Build 2016031401. GetDistributedPOP3 allows malicious users to obtain the username and password of the SMTP user.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11596
A Directory Traversal issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP GET requests to a certain URL and obtain information about what files and directories reside on the server.
Cipplanner Cipace
7.5
CVSSv3
CVE-2020-11594
An issue exists in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that causes a stack error to be shown providing the full file path.
Cipplanner Cipace
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »