Vulnerabilities > Plunet

DATE	CVE	VULNERABILITY TITLE	RISK
2009-02-23	CVE-2009-0700	Permissions, Privileges, and Access Controls vulnerability in Plunet Business Manager Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp. network low complexity plunet CWE-264	4.0
2009-02-23	CVE-2009-0699	Cross-Site Scripting vulnerability in Plunet Business Manager Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the (1) QUB and (2) Bez74 parameters. network plunet CWE-79	3.5

Vulnerabilities > Plunet {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Plunet"}]}