137 matches found
CVE-2003-1037
Format string vulnerability in the WGate component for SAP Internet Transaction Server ITS allows remote attackers to execute arbitrary code via a high "trace level."...
CVE-2003-1038
The AGate component for SAP Internet Transaction Server ITS allows remote attackers to obtain sensitive information via a command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames...
CVE-2003-1036
Multiple buffer overflows in the AGate component for SAP Internet Transaction Server ITS allow remote attackers to execute arbitrary code via long 1 command, 2 runtimemode, or 3 session parameters, or 4 a long HTTP Content-Type header...
CVE-2003-1038
The AGate component for SAP Internet Transaction Server ITS allows remote attackers to obtain sensitive information via a command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames...
CVE-2003-1037
Format string vulnerability in the WGate component for SAP Internet Transaction Server ITS allows remote attackers to execute arbitrary code via a high "trace level."...
CVE-2003-0748
Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ dot-dot backslash sequences in the theme parameter and a template parameter with a filename followed by space characters, which can preven...
CVE-2003-0749
Cross-site scripting XSS vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the service parameter...
CVE-2003-0747
wgate.dll in SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters 1 service, 2 templatelanguage, 3 language, 4 theme, or 5 template, which leaks the...
CVE-2003-0749
CVE-2003-0749 describes an XSS vulnerability in SAP Internet Transaction Server (ITS) involving wgate.dll. The affected component is wgate.dll (SAP ITS) with version details in the description, and the vulnerability is exploitable via the ~service parameter to inject arbitrary web script and stea...
CVE-2003-0749
Cross-site scripting XSS vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the service parameter...
CVE-2003-0747
wgate.dll in SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters 1 service, 2 templatelanguage, 3 language, 4 theme, or 5 template, which leaks the...
CVE-2003-0748
Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ dot-dot backslash sequences in the theme parameter and a template parameter with a filename followed by space characters, which can preven...
SAP Internet Transaction Server
Information leak, crossite scripting...
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure source: https://www.securityfocus.com/bid/8515/info A vulnerability has been discovered in SAP Internet Transaction Server SITSthat could allow an attacker to obtain sensitive information. The problem occurs...
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of...
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure
source: https://www.securityfocus.com/bid/8515/info A vulnerability has been discovered in SAP Internet Transaction Server SITSthat could allow an attacker to obtain sensitive information. The problem occurs due to SITS disclosing sensitive local filesystem information when handling malformed...
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the 'wgate.dll' library. Exploitation...