2 matches found
CVE-2015-7968
nwbcext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbcext2int/ URI...
CVE-2015-7968
SAP NetWeaver Application Server is affected by CVE-2015-7968 due to the nwbc_ext2int component, which allows XXE-based local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI. The root cause is improper XML entity handling in nwbc_ext2int, enabling access to local files. The vulnerability...