132 matches found
CVE-2024-50620
Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading...
CVE-2024-50619
CVE-2024-50619 affects CIPPlanner CIPAce prior to 9.17, specifically the My Account and User Management components. A low-privileged authenticated user can tamper with the client user id to access other users’ accounts, and can elevate privileges by modifying information of a user role that is di...
CVE-2024-50619
Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account...
PT-2026-7655
Name of the Vulnerable Software and Affected Versions CIPPlanner CIPAce versions prior to 9.17 Description A weakness exists in the Authentication component of CIPPlanner CIPAce that allows attackers to bypass a security measure. Specifically, the system’s reliance on single-factor authentication...
CVE-2024-50617
Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...
CIPPlanner CIPAce 安全漏洞
CIPPlanner CIPAce is a business process automation and application development platform provided by the American company CIPPlanner. Versions of CIPPlanner CIPAce prior to version 9.17 contained security vulnerabilities. These vulnerabilities were due to access control defects in the File Downloa...
CIPPlanner CIPAce 安全漏洞
CIPPlanner CIPAce is a business process automation and application development platform provided by the American company CIPPlanner. Versions of CIPPlanner CIPAce prior to version 9.17 contained security vulnerabilities. These vulnerabilities stemmed from the rich text editor and document...
CVE-2024-50618
A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the...
CVE-2024-50620
Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading...
CVE-2024-50618
A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the...
EUVD-2020-3946
Malware in sbrugna...
EUVD-2020-3947
Malware in sbrugna...
EUVD-2020-3939
Malware in sbrugna...
EUVD-2020-3937
Malware in sbrugna...
EUVD-2020-3943
Malware in sbrugna...
EUVD-2020-3948
Malware in sbrugna...
EUVD-2020-3936
Malware in sbrugna...
EUVD-2020-3945
Malware in sbrugna...
EUVD-2020-3940
Malware in sbrugna...
EUVD-2020-3941
Malware in sbrugna...