5 matches found
SAP Afaria - Authorization bypass, Insecure signature
Application: SAP Afaria 7.0.6001.5 Vendor URL: http://www.sap.com Bugs: Authorization bypass Reported: 12.03.2015 Vendor response: 13.03.2015 Date of Public Advisory: 12.05.2015 Reference: SAP Security Note 2134905 Authors: Dmitry Chastukhin ERPScan Description An anonymous attacker can spoof a...
SAP NetWeaver 7.4 - XSS
Application: SAP NetWeaver J2EE Engine 7.40 Vendor URL: http://www.sap.com Bugs: XSS Reported: 13.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 09.09.2015 Reference: SAP Security Note 2176785 Authors: Roman Bezhan ERPScan VULNERABILITY INFORMATION Class: Cross-Site Scripting, XSS...
SAP NetWeaver 7.4 - XXE
Application: SAP NetWeaver Portal 7.4 Vendor URL: http://www.sap.com Bugs: XML eXternal Entity Reported: 16.04.2015 Vendor response: 17.04.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2168485 Authors: Roman Bezhan ERPScan VULNERABILITY INFORMATION Class: XML External Enti...
SAP Afaria - Stored XSS
Application: SAP Afaria 7 Vendor URL: http://www.sap.com Bugs: XSS Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2152669 Authors: Dmitry Chastukhin ERPScan Vulnerability information Class: XML External Entity CWE-79 Impact: Store...
SAP NetWeaver 7.4 - cryptographic issues
Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: http://www.sap.com Bugs: cryptographic issues Reported: 01.09.2015 Vendor response: 02.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2191290 Author: Vahagn Vardanyan ERPScan VULNERABILITY...