Plunet Business Manager vulnerabilities
2 known vulnerabilities affecting plunet/business_manager.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM1LOW1
Vulnerabilities
Page 1 of 1
CVE-2009-0700P4MEDIUMCVSS 4.0PoC≤ 4.12009-02-23
CVE-2009-0700 [MEDIUM] CWE-264 CVE-2009-0700: Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictio
Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp.
nvd
CVE-2009-0699P4LOWCVSS 3.5PoC≤ 4.12009-02-23
CVE-2009-0699 [LOW] CWE-79 CVE-2009-0699: Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet Busines
Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the (1) QUB and (2) Bez74 parameters.
nvd