Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24158

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server for ABAP affected versions not specified Description The software includes an ABAP Report designed for testing that enables sending HTTP requests to any internal or external endpoint. This functionality is...

6.4CVSS5.5AI score0.00163EPSS
Exploits0References9
CVE
CVE
added 2026/01/13 1:13 a.m.26 views

CVE-2026-0493

CVE-2026-0493 describes a Cross-Site Request Forgery in the SAP Fiori App Intercompany Balance Reconciliation. The issue could allow an attacker to trigger state-changing actions on behalf of an authenticated user by using an inappropriate request type, with low impact on integrity and no impact ...

4.3CVSS6.5AI score0.0011EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 12:17 a.m.3 views

CVE-2025-42893 Open Redirect vulnerability in SAP Business Connector

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

6.1CVSS6AI score0.00223EPSS
Exploits0References2
NVD
NVD
added 2025/08/12 3:15 a.m.3 views

CVE-2025-42942

SAP NetWeaver Application Server for ABAP has cross-site scripting vulnerability. Due to this, an unauthenticated attacker could craft a URL embedded with malicious script and trick an unauthenticated victim to click on it to execute the script. Upon successful exploitation, the attacker could...

6.1CVSS0.0022EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/12 2:5 a.m.8 views

CVE-2025-42945 HTML Injection vulnerability in SAP NetWeaver Application Server ABAP

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or it...

6.1CVSS0.00202EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.7 views

PT-2025-32607 · Sap · Sap S/4Hana

Name of the Vulnerable Software and Affected Versions: SAP S/4HANA Bank Communication Management affected versions not specified Description: A directory traversal issue exists in SAP S/4HANA Bank Communication Management. An attacker with elevated privileges and access to a specific transaction...

6.9CVSS6.9AI score0.0092EPSS
Exploits0References7
Rows per page
Query Builder