Business Manager CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Plunet Subscriptions

Filtered by product Business Manager Subscriptions

Search

Switch to Advanced Search (Beta)

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-2337	1 Plunet	1 Business Manager	2026-02-11	N/A
A vulnerability in Plunet Plunet BusinessManager allows session hijacking, data theft, unauthorized actions on behalf of the user.This issue affects Plunet BusinessManager: 10.15.1.
CVE-2026-2344	1 Plunet	1 Business Manager	2026-02-11	N/A
A vulnerability in Plunet Plunet BusinessManager allows unauthorized actions being performed on behalf of privileged users.This issue affects Plunet BusinessManager: 10.15.1
CVE-2009-0700	1 Plunet	1 Business Manager	2025-04-09	N/A
Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp.
CVE-2009-0699	1 Plunet	1 Business Manager	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the (1) QUB and (2) Bez74 parameters.

Page 1 of 1.