Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:44 a.m.8 views

CVE-2018-17865

A cross-site scripting XSS vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS5.8AI score0.00746EPSS
Exploits1References1
OSV
OSV
added 2021/08/09 7:15 p.m.1 views

CVE-2018-17861

A cross-site scripting XSS vulnerability in SAP J2EE Engine/7.01/Portal/EPP allows remote attackers to inject arbitrary web script via the wsdlLib parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS5.8AI score0.01543EPSS
Exploits1References3
OSV
OSV
added 2021/08/09 7:15 p.m.5 views

CVE-2018-17865

A cross-site scripting XSS vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS5.8AI score0.00746EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/08/09 12:0 a.m.7 views

PT-2021-8825 · Sap · Sap J2Ee Engine

Name of the Vulnerable Software and Affected Versions: SAP J2EE Engine/7.01/Portal/EPP version 7.01 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script via the wsdlLib parameter to "/ctcprotocol/Protocol". This issue only affects products that are ...

6.1CVSS5.9AI score0.01543EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/08/09 12:0 a.m.7 views

PT-2021-8827 · Sap · Sap J2Ee Engine

Name of the Vulnerable Software and Affected Versions: SAP J2EE Engine version 7.01 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script via the wsdlPath parameter to "/ctcprotocol/Protocol". This issue only affects products that are no longer...

6.1CVSS5.8AI score0.00746EPSS
Exploits1References4
CNVD
CNVD
added 2019/03/07 12:0 a.m.3 views

SAP J2EE Engine Cross-Site Scripting Vulnerability

SAP J2EE Engine is a set of runtime environments for J2EE applications. A cross-site scripting vulnerability exists in SAP J2EE Engine due to the failure of SAP J2EE Engine/7.01/Portal/EPP to effectively validate or filter user-entered data, resulting in cross-site scripting in the "ctcprotocol"...

6.1CVSS6.2AI score0.01543EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/26 12:0 a.m.2 views

SAP NetWeaver AS JAVA Cross-Site Scripting Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform, the platform can provide the development and operation environment for SAP applications. SAP NetWeaver AS Application Server Java is a run in NetWeaver and based on the Java programming language...

6.1CVSS5.9AI score0.0097EPSS
Exploits0References1
exploitpack
exploitpack
added 2016/06/21 12:0 a.m.60 views

SAP NetWeaver AS JAVA 7.1 7.5 - ctcprotocol Servlet XML External Entity

SAP NetWeaver AS JAVA 7.1 7.5 - ctcprotocol Servlet XML External Entity Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: XXE Sent: 20.10.2015 Reported: 21.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016...

7.5CVSS0.8AI score0.15058EPSS
Exploits5
Rows per page
Query Builder