14 matches found
PT-2026-39923
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
EUVD-2019-1021
Malware in sbrugna...
CVE-2025-42969 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform
SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. The victim, when tricked into clicking on this crafted URL unknowingly executes the malicious payload in their browser. On successful exploitatio...
CVE-2025-42969
CVE-2025-42969 describes a cross-site scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform. An unauthenticated attacker can inject a malicious script into a dynamically crafted URL, which, when a user follows, executes in the browser and may access or modify se...
PT-2025-28288 · Sap · Sap Netweaver Application Server Abap +1
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP and ABAP Platform affected versions not specified Description: The issue allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. When a victim clicks on this crafte...
CVE-2024-30218
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability...
CVE-2025-26653 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting XSS vulnerability. This enables an attacker, without requiring any privileges, to inject malicious JavaScript into a website. When a user visits the compromised page,...
SAP NetWeaver AS ABAP (3536461)
The remote SAP NetWeaver ABAP server may be affected by an information disclosure vulnerability. The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attack...
CVE-2024-30218
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability...
CVE-2024-30218
CVE-2024-30218 describes a DoS vulnerability affecting SAP NetWeaver AS ABAP and ABAP Platform, enabling an attacker to crash or flood the service, with a stated impact on availability. Connected documents corroborate a denial-of-service risk in the SAP NetWeaver ABAP stack but do not provide con...
CVE-2024-21738 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation...
CVE-2024-21738 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation...
Denial of Service Vulnerability in Multiple SAP Products
SAP NetWeaver is an integrated service-oriented application platform that provides a development and runtime environment for SAP applications; ABAP is an application server that runs in NetWeaver and is based on the ABAP high-level programming language; and SAP .NET Connector is a connector produ...
CVE-2014-3130
Technical details (affected product/version, root cause, exploit information) are not provided in the supplied documents for CVE-2014-3130; monitor for updates.