10 matches found
CVE-2016-2388
creationtimestamp| type| source ---|---|--- 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-03 16:21:14+00:00| seen| https://t.me/arpsyndicate/976 2024-12-24 20:32:28+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971660 2025-02-06 02:42:30+00:00| see...
SAP NetWeaver AS Java Information Disclosure (2256846)
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.1 to 7.5, allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. Note that Nessus has not tested for this issue but has instead relied only on the application's...
SAP NetWeaver J2EE Engine 7.40 SQL Injection
!/usr/bin/env python coding=utf-8 """ Author: Vahagn Vardanyan https://twitter.com/vah13 Bugs: CVE-2016-2386 SQL injection CVE-2016-2388 Information disclosure CVE-2016-1910 Crypto issue Follow HTTP request is a simple PoC for anon time-based SQL injection CVE-2016-2386 vulnerability in SAP...
SAP NetWeaver J2EE Engine 7.40 - SQL Injection Exploit
Exploit for multiple platform in category web applications !/usr/bin/env python coding=utf-8 """ Author: Vahagn Vardanyan https://twitter.com/vah13 Bugs: CVE-2016-2386 SQL injection CVE-2016-2388 Information disclosure CVE-2016-1910 Crypto issue Follow HTTP request is a simple PoC for anon...
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
SAP NetWeaver J2EE Engine 7.40 - SQL Injection !/usr/bin/env python coding=utf-8 """ Author: Vahagn Vardanyan https://twitter.com/vah13 Bugs: CVE-2016-2386 SQL injection CVE-2016-2388 Information disclosure CVE-2016-1910 Crypto issue Follow HTTP request is a simple PoC for anon time-based SQL...
SAP NetWeaver AS Java Multiple Vulnerabilities (2101079, 2191290, 2256846) - Active Check
SAP NetWeaver Application Server AS Java is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure
Application:SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bugs: information disclosure Sent: 15.09.2015 Reported: 15.09.2015 Vendor response: 16.09.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2256846 Author: Vahagn...
SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure
Exploit for java platform in category web applications Application:SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bugs: information disclosure Sent: 15.09.2015 Reported: 15.09.2015 Vendor response: 16.09.2015 Date of Public Advisory: 09.02.2016...
CVE-2016-2388
CVE-2016-2388 affects SAP NetWeaver AS JAVA (notably 7.4; referenced in SAP Security Note 2256846) where the Universal Worklist Configuration enables remote disclosure of sensitive user information via a crafted HTTP request. Documented impact is information disclosure with network-based access a...
SAP NetWeaver AS JAVA - information disclosure vulnerability
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5 Vendor URL: SAP Bugs: Information disclosure Reported: 15.09.2015 Vendor response: 16.09.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2256846 Author: Vahagn Vardanyan ERPScan VULNERABILI...