Skip to main content

Cipace

18 CVEs product

Monthly

CVE-2024-50619 HIGH This Week

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. [CVSS 8.8 HIGH]

Privilege Escalation Cipace
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2024-50617 HIGH This Week

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. [CVSS 7.5 HIGH]

Authentication Bypass Cipace
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-50620 HIGH This Week

Cipace versions up to 9.17. is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

File Upload Cipace
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2024-50618 MEDIUM This Month

Cipace versions up to 9.17 contains a vulnerability that allows attackers to bypass a protection mechanism (CVSS 4.3).

Authentication Bypass Cipace
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2020-11587 HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-11586 CRITICAL POC Act Now

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Cipace
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-11599 HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Cipace
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-11598 CRITICAL POC Act Now

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Cipace
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-11597 CRITICAL POC Act Now

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cipace
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-11596 HIGH POC This Week

A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Cipace
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-11595 HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-11594 HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-11593 HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Cipace
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2020-11592 HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-11591 MEDIUM POC This Month

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-11590 MEDIUM POC This Month

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-11589 HIGH POC This Week

An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Cipace
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-11588 MEDIUM POC This Month

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
CVSS 3.1
5.3
EPSS
1.0%
EPSS 0% CVSS 8.8
HIGH This Week

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. [CVSS 8.8 HIGH]

Privilege Escalation Cipace
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. [CVSS 7.5 HIGH]

Authentication Bypass Cipace
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cipace versions up to 9.17. is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

File Upload Cipace
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cipace versions up to 9.17 contains a vulnerability that allows attackers to bypass a protection mechanism (CVSS 4.3).

Authentication Bypass Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Cipace
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Cipace
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cipace
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Cipace
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cipace
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy