Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

38 matches found

Positive Technologies
Positive Technologiesadded 2024/02/12 12:0 a.m.2 views

PT-2024-4084

Name of the Vulnerable Software and Affected Versions SAP CRM WebClient UI versions S4FND 102 through S4FND 108 SAP CRM WebClient UI versions WEBCUIF 700 through WEBCUIF 801 Description The print preview option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs, resulting...

7.6CVSS7AI score0.00323EPSS
Exploits0References11
Prion
Prionadded 2023/05/09 2:15 a.m.18 views

Cross site scripting

SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting...

5.8CVSS5.9AI score0.00438EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2023/05/09 1:35 a.m.50 views

CVE-2023-30742

Summary: CVE-2023-30742 is a stored XSS in SAP CRM (WebClient UI) affecting SAP CRM WebClient UI components: S4FND 102–107 and WEBCUIF 700–801. The root cause is insufficient encoding of user-controlled inputs, allowing an attacker to store a malicious URL and lure a victim into clicking it, exec...

6.1CVSS6AI score0.00438EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2023/05/09 1:35 a.m.14 views

CVE-2023-30742 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)

SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting...

6.1CVSS6.1AI score0.00438EPSS
Exploits0References2
Prion
Prionadded 2023/05/09 1:15 a.m.15 views

Cross site scripting

SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS...

4.9CVSS5.2AI score0.00366EPSS
Exploits0References2Affected Software3
NVD
NVDadded 2023/04/11 4:16 a.m.18 views

CVE-2023-29189

SAP CRM WebClient UI - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to...

5.4CVSS5.3AI score0.00442EPSS
Exploits0References2
Prion
Prionadded 2023/04/11 4:16 a.m.21 views

Code injection

SAP CRM WebClient UI - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to...

5.5CVSS5.4AI score0.00442EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2023/04/11 3:11 a.m.51 views

CVE-2023-29189

CVE-2023-29189 affects SAP CRM (WebClient UI) across multiple versions (S4FND 102–107, WEBCUIF, 700–801). The root cause is an issue in the web server handling where HTTP verbs can be modified by an authenticated attacker, with the application exposed over the network. Consequence: exposure of fo...

5.4CVSS5.3AI score0.00442EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2023/04/11 3:11 a.m.30 views

CVE-2023-29189 HTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)

SAP CRM WebClient UI - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to...

5.4CVSS5.7AI score0.00442EPSS
Exploits0References2
OSV
OSVadded 2023/02/14 4:15 a.m.2 views

CVE-2023-24525

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...

5.4CVSS5.8AI score0.00345EPSS
Exploits0References2
NVD
NVDadded 2023/02/14 4:15 a.m.18 views

CVE-2023-24525

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...

5.4CVSS4.6AI score0.00345EPSS
Exploits0References2
Prion
Prionadded 2023/02/14 4:15 a.m.19 views

Cross site scripting

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...

4.9CVSS5.2AI score0.00345EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2023/02/14 3:18 a.m.59 views

CVE-2023-24525

Summary: CVE-2023-24525 affects SAP CRM WebClient UI components (WEBCUIF 748, 800, 801; S4FND 102, 103). The vulnerability stems from insufficient encoding of user-controlled inputs, enabling a Cross-Site Scripting (XSS) flaw. In the documented entries, exploitation requires authentication and is...

5.4CVSS5.2AI score0.00345EPSS
Exploits0References2Affected Software1
CNVD
CNVDadded 2019/01/09 12:0 a.m.3 views

SAP CRM WebClient UI Cross-Site Scripting Vulnerability

SAP CRM Customer Relationship Management is a set of German SAP SAP customer relationship management solutions. The program includes sales management, marketing management, customer service system and other modules. SAP CRM WebClient UI is one of the Web client interface. A cross-site scripting...

5.4CVSS6.7AI score0.00758EPSS
Exploits0References1
OSV
OSVadded 2019/01/08 8:29 p.m.3 views

CVE-2019-0244

SAP CRM WebClient UI fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score0.00758EPSS
Exploits0References3
OSV
OSVadded 2019/01/08 8:29 p.m.5 views

CVE-2019-0245

SAP CRM WebClient UI fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score0.00758EPSS
Exploits0References3
NVD
NVDadded 2019/01/08 8:29 p.m.26 views

CVE-2019-0245

SAP CRM WebClient UI fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.3AI score0.00758EPSS
Exploits0References3
NVD
NVDadded 2019/01/08 8:29 p.m.22 views

CVE-2019-0244

SAP CRM WebClient UI fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.3AI score0.00758EPSS
Exploits0References3
Rows per page
Query Builder