Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2024/11/12 12:27 a.m.12 views

CVE-2024-47593 Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or...

4.3CVSS0.0022EPSS
Exploits0References2
NVD
NVDadded 2024/03/12 1:15 a.m.10 views

CVE-2024-27902

Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. A successful attack can allow a malicious attacker to access and modify data through their ability to...

6.1CVSS5.3AI score0.00781EPSS
Exploits0References2
OSV
OSVadded 2024/03/12 1:15 a.m.1 views

CVE-2024-27902

Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. A successful attack can allow a malicious attacker to access and modify data through their ability to...

6.1CVSS5.9AI score
Exploits0References2
OSV
OSVadded 2023/04/11 3:15 a.m.2 views

CVE-2023-27499

SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...

6.1CVSS6.2AI score0.00462EPSS
Exploits0References2
NVD
NVDadded 2023/04/11 3:15 a.m.15 views

CVE-2023-27499

SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...

6.1CVSS6AI score0.00462EPSS
Exploits0References2
CVE
CVEadded 2023/04/11 2:48 a.m.46 views

CVE-2023-27499

SAP GUI for HTML is affected by a reflected XSS due to insufficient encoding of user-controlled inputs. AFFECTED versions include KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91 and KRNL64UC (including 7.22EXT). An attacker can lure a user to click a crafted URL and execute script in the us...

6.1CVSS6AI score0.00462EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichmentadded 2023/04/11 2:48 a.m.10 views

CVE-2023-27499 Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML

SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...

6.1CVSS5.8AI score0.00462EPSS
Exploits0References2
Rows per page
Query Builder