48 matches found
CVE-2023-25617
SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...
EUVD-2018-14225
Malware in sbrugna...
EUVD-2019-1168
Malware in sbrugna...
EUVD-2022-27692
Malicious code in bioql PyPI...
EUVD-2022-42245
Malicious code in bioql PyPI...
CVE-2022-22546
Due to improper HTML encoding in input control summary, an authorized attacker can execute XSS vulnerability in SAP Business Objects Web Intelligence BI Launchpad - version 420...
CVE-2020-6281
SAP Business Objects Business Intelligence Platform BI Launchpad, version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting...
CVE-2019-0395
SAP BusinessObjects Business Intelligence Platform Fiori BI Launchpad, before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability...
CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad)
SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...
SAP BusinessObjects BI LaunchPad 跨站脚本漏洞
SAP BusinessObjects BI LaunchPad is a standard Web portal for users of the SAP BusinessObjects Business Intelligence BI platform from SAP, Germany. A cross-site scripting vulnerability exists in SAP BusinessObjects BI LaunchPad that stems from improper input handling and can lead to a cross-site...
CVE-2023-25617
SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...
CVE-2023-25617
SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...
Design/Logic Flaw
SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...
CVE-2023-25617 OS Command Execution vulnerability in SAP Business Objects Business Intelligence Platform (Adaptive Job Server)
SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...
CVE-2023-25617
SAP Business Objects Adaptive Job Server (BI launchpad/Central Management Console or public Java SDK-based apps) versions 420 and 430 are vulnerable to OS command execution via remote command invocation when program objects execution is enabled. The issue allows authenticated users with schedulin...
CVE-2022-41203
In some workflow of SAP BusinessObjects BI Platform Central Management Console and BI LaunchPad, an authenticated attacker with low privileges can intercept a serialized object in the parameters and substitute with another malicious serialized object, which leads to deserialization of untrusted...
CVE-2022-41203
CVE-2022-41203 affects SAP BusinessObjects BI Platform (Central Management Console and BI LaunchPad). An authenticated user with low privileges can trick the application by substituting a serialized parameter with a malicious serialized object, causing deserialization of untrusted data and impact...
SAP BusinessObjects BI LaunchPad Code Execution Vulnerability
SAP BusinessObjects BI LaunchPad is a standard Web portal for users of the SAP BusinessObjects Business Intelligence BI platform from SAP. A code execution vulnerability exists in SAP BusinessObjects BI LaunchPad versions 420 and 430, which stems from failure to properly clean up user input when...
CVE-2022-39800
SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network. On successful exploitation, an attacker can view or modify information causing a limited...
Design/Logic Flaw
SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network. On successful exploitation, an attacker can view or modify information causing a limited...