Lucene search
+L

30 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/09 12:19 a.m.7 views

CVE-2026-24315

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS5.6AI score0.00174EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 12:19 a.m.10 views

CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS5.6AI score0.00174EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 12:19 a.m.41 views

CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS0.00174EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.10 views

CVE-2023-49584

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4.3CVSS6.9AI score0.00479EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19361

Malware in sbrugna...

6.1CVSS6.3AI score0.00646EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19351

Malware in sbrugna...

8.6CVSS8.8AI score0.01396EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-27360

Malware in sbrugna...

6.1CVSS5.3AI score0.00654EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27433

Malware in sbrugna...

6.1CVSS5.2AI score0.00675EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-53536

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00479EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24213

Malicious code in bioql PyPI...

3.5CVSS6.4AI score0.00197EPSS
Exploits0References2
CVE
CVE
added 2025/08/12 2:5 a.m.22 views

CVE-2025-42941

The CVE-2025-42941 entry describes a Reverse Tabnabbing issue in SAP Fiori (Launchpad) caused by insufficient external navigation protections on links. Affected software is SAP Fiori (Launchpad); the root cause is lack of proper navigation safeguards for anchor elements. Consequences stated incl...

3.5CVSS7.2AI score0.00197EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/12 2:5 a.m.3 views

CVE-2025-42941 Reverse Tabnabbing vulnerability in SAP Fiori (Launchpad)

SAP Fiori Launchpad is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link elements. An attacker with administrative user privileges could exploit this by leveraging compromised or malicious pages. While administrative access is necessary...

3.5CVSS7.2AI score0.00197EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.9 views

CVE-2020-6283

SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting XSS vulnerability. With a successful attack, the attacker can steal...

6.1CVSS6AI score0.00675EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.6 views

CVE-2020-6210

SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.00654EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:34 p.m.13 views

CVE-2020-26815

SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external...

8.6CVSS6.7AI score0.01396EPSS
Exploits0
Cvelist
Cvelist
added 2023/12/12 1:35 a.m.38 views

CVE-2023-49584 Client-Side Desynchronization vulnerability in SAP Fiori Launchpad

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4.3CVSS5AI score0.00479EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/12/12 1:35 a.m.11 views

CVE-2023-49584 Client-Side Desynchronization vulnerability in SAP Fiori Launchpad

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4.3CVSS6.8AI score0.00479EPSS
Exploits0References2
CVE
CVE
added 2023/12/12 1:35 a.m.52 views

CVE-2023-49584

CVE-2023-49584 affects SAP Fiori Launchpad components across multiple SAP_UI versions (750, 754–758), UI_700 200, and SAP_BASIS 793. The issue allows an attacker to issue HTTP POST requests against a read-only service, resulting in low confidentiality impact per the provided description. Root cau...

4.3CVSS4.6AI score0.00479EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/11/16 12:0 a.m.5 views

SAP Fiori Launchpad Cross-Site Scripting Vulnerability

SAP Fiori is SAP's user experience UX design system for SAP applications, which provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, providing a consistent, innovative experience for creators and users.SAP Fiori Launchpad is the SA...

6.1CVSS6.3AI score0.00646EPSS
Exploits0References1
NVD
NVD
added 2020/11/13 3:15 p.m.33 views

CVE-2020-26825

SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...

6.1CVSS6AI score0.00646EPSS
Exploits0References2
Rows per page
Query Builder