17 matches found
EUVD-2020-27470
Malware in sbrugna...
EUVD-2018-14341
Malware in sbrugna...
EUVD-2024-19349
Malicious code in bioql PyPI...
CVE-2024-21734
SAP Marketing Contacts App - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application...
CVE-2020-6320
SAP Marketing Servlet, version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiali...
The vulnerability of the Contacts component in SAP Marketing’s CRM system allows a hacker to carry out a phishing attack.
The vulnerability of the Contacts component in SAP Marketing CRM systems is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to carry out a phishing attack and disclose sensitive information using a specially created malicious lin...
CVE-2024-21734
SAP Marketing Contacts App - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application...
Design/Logic Flaw
SAP Marketing Contacts App - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application...
SAP Marketing Improper Access Control Vulnerability
SAP Marketing is a suite of marketing solutions for SAP. An improper access control vulnerability exists in SAP Marketing Servlet versions 130, 140, and 150. An authenticated attacker could exploit this vulnerability to invoke certain restricted functions and perform tasks related to interactive...
CVE-2020-6320
SAP Marketing Servlet, version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiali...
CVE-2020-6320
SAP Marketing Servlet, version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiali...
Code injection
SAP Marketing Servlet, version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiali...
CVE-2020-6320
SAP Marketing Servlet, version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiali...
CVE-2018-2486
SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...
Cross site scripting
SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...
CVE-2018-2486
SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...
CVE-2018-2486
SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...