5 matches found
CVE-2025-27428 Directory Traversal vulnerability in SAP NetWeaver and ABAP Platform (Service Data Collection)
Due to directory traversal vulnerability, an authorized attacker could gain access to some critical information by using RFC enabled function module. Upon successful exploitation, they could read files from any managed system connected to SAP Solution Manager, leading to high impact on...
CVE-2025-27428 Directory Traversal vulnerability in SAP NetWeaver and ABAP Platform (Service Data Collection)
Due to directory traversal vulnerability, an authorized attacker could gain access to some critical information by using RFC enabled function module. Upon successful exploitation, they could read files from any managed system connected to SAP Solution Manager, leading to high impact on...
CVE-2025-27428
CVE-2025-27428 is a directory traversal vulnerability impacting SAP Solution Manager (and related SAP NetWeaver/ABAP Platform components) where an authorized attacker can read files from any managed system via an RFC-enabled function module. The exposure is described as high impact to confidentia...
CVE-2023-5457
A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application due to the “debug” configuration parameter set to “True” allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to t...
XSS in CRM (Java)
Application: SAP CRM Versions Affected: SAP CRM 700-732 Vendor URL: SAP Bug: XSS Reported: 16.05.2017 Vendor response: 17.05.2017 Date of Public Advisory: 08.08.2017 Reference: SAP Security Note 2481262 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: XSS Risk: Medium Impact:...