Lucene search
K

54 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.5 views

CVE-2020-11595

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the upload folder path that includes the hostname in a UNC path...

7.5CVSS7.7AI score0.01209EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 p.m.6 views

CVE-2020-11587

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the content of ETL Processes running on the server...

7.5CVSS7.1AI score0.01209EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 p.m.5 views

CVE-2020-11589

An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make a GET request to a certain URL and obtain information that should be provided to authenticated users only...

7.5CVSS6.6AI score0.01132EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 p.m.6 views

CVE-2020-11586

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data...

9.8CVSS7.1AI score0.01247EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:56 p.m.4 views

CVE-2020-11590

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to HealthPage.aspx and obtain the internal server name...

5.3CVSS7AI score0.00963EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:47 p.m.6 views

CVE-2020-11598

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upload.ashx allows remote attackers to execute arbitrary code by uploading and executing an ASHX file...

9.8CVSS8.1AI score0.02509EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:11 p.m.6 views

CVE-2020-11597

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...

9.8CVSS7.7AI score0.0148EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.2 views

Unspecified vulnerability in CIPPlanner CIPAce (CNVD-2020-21816)

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. An attacker can exploit the vulnerability to obtain the full path with the help of an...

7.5CVSS6.8AI score0.01209EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.3 views

Unspecified Vulnerability in CIPPlanner CIPAce

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. An attacker can exploit the vulnerability to obtain ETL process contents by sending a...

7.5CVSS6.8AI score0.01209EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.1 views

Unspecified vulnerability in CIPPlanner CIPAce (CNVD-2020-21821)

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 6.80 Build 2016031401. The vulnerability can be exploited by an attacker to obtain the username and password...

7.5CVSS6.9AI score0.01104EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.4 views

CIPPlanner CIPAce Path Traversal Vulnerability

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A path traversal vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. The vulnerability stems from a failure of a networked system or product to...

7.5CVSS6.8AI score0.01768EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.1 views

Unspecified vulnerability in CIPPlanner CIPAce (CNVD-2020-21817)

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. An attacker can exploit the vulnerability by sending an API request to obtain the uplo...

7.5CVSS6.9AI score0.01209EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.1 views

Unspecified Vulnerability in CIPPlanner CIPAce (CNVD-2020-21814)

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. The vulnerability can be exploited by an attacker to obtain information from specific...

7.5CVSS6.6AI score0.01209EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.2 views

Unspecified Vulnerability in CIPPlanner CIPAce (CNVD-2020-21811)

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce, which can be exploited by an attacker to make an HTTP GET request to two files containing customer data and...

5.3CVSS6.9AI score0.00963EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.3 views

CIPPlanner CIPAce Code Execution Vulnerability

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. A remote attacker can exploit the vulnerability to execute arbitrary code with the hel...

9.8CVSS7.8AI score0.02509EPSS
Exploits1References1
OSV
OSV
added 2020/04/06 11:15 p.m.4 views

CVE-2020-11587

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the content of ETL Processes running on the server...

7.5CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2020/04/06 11:15 p.m.12 views

Authentication flaw

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data...

7.5CVSS9.4AI score0.01247EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/04/06 10:15 p.m.12 views

CVE-2020-11599

An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. GetDistributedPOP3 allows attackers to obtain the username and password of the SMTP user...

7.5CVSS7.5AI score0.01104EPSS
Exploits1References1
NVD
NVD
added 2020/04/06 10:15 p.m.8 views

CVE-2020-11590

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to HealthPage.aspx and obtain the internal server name...

5.3CVSS5.3AI score0.00963EPSS
Exploits1References1
NVD
NVD
added 2020/04/06 10:15 p.m.18 views

CVE-2020-11595

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the upload folder path that includes the hostname in a UNC path...

7.5CVSS7.6AI score0.01209EPSS
Exploits1References1
Rows per page
Query Builder