15 matches found
CVE-2023-29109
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
EUVD-2023-32712
Malicious code in bioql PyPI...
EUVD-2024-19352
Malicious code in bioql PyPI...
CVE-2024-21737
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on...
CVE-2024-21737 Code Injection vulnerability in SAP Application Interface Framework (File Adapter)
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on...
CVE-2024-21737 Code Injection vulnerability in SAP Application Interface Framework (File Adapter)
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on...
SAP Application Interface Framework Code Injection Vulnerability
SAP Application Interface Framework SAP AIF is an application interface framework from SAP. A code injection vulnerability exists in the SAP Application Interface Framework File Adapter, which can be exploited to allow an elevated privilege user to traverse layers and directly execute operating...
SAP Application Interface Framework Cross-Site Scripting Vulnerability
SAP Application Interface Framework SAP AIF is a German SAP SAP company's application program interface framework. A security vulnerability exists in the SAP Application Interface Framework that stems from the application allowing the use of HTML markup, which can be exploited by an attacker to...
Design/Logic Flaw
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
CVE-2023-29112 Code Injection vulnerability in SAP Application Interface Framework (Message Monitoring)
The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...
CVE-2023-29111 Information Disclosure vulnerability in SAP Application Interface Framework (ODATA service)
The SAP AIF ODATA service - versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the application...
CVE-2023-29109 Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard)
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
SAP Application Interface Framework 安全漏洞
SAP Application Interface Framework SAP AIF is an application interface framework from SAP. A security vulnerability exists in SAP Application Interface Framework Message Dashboard versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, and SAPABA 75C, 75D, 75E, and SAPAB...
SAP Application Interface Framework 信息泄露漏洞
SAP Application Interface Framework SAP AIF is an application interface framework from SAP. An information disclosure vulnerability exists in SAP Application Interface Framework ODATA service versions 755, 756, which originates from a program disclosure of sensitive information and can be exploit...
SAP Application Interface Framework 跨站脚本漏洞
SAP Application Interface Framework SAP AIF is a German SAP SAP company's application program interface framework. A security vulnerability exists in the SAP Application Interface Framework that stems from the application allowing the use of HTML markup, which can be exploited by an attacker to...