2 matches found
CVE-2015-3980
SQL injection vulnerability in the Business Rules Framework CRM-BF-BRF in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534...
CVE-2015-3980
The SAP CRM vulnerability CVE-2015-3980 affects the Business Rules Framework (CRM-BF-BRF) in SAP CRM. It is a SQL injection flaw that lets attackers remotely submit specially crafted SQL queries to the backend, enabling data manipulation or disclosure. Root cause appears to be unsafe SQL handling...