The vulnerability of the SAP Afaria mobile device management program allows a hacker to inject arbitrary web or HTML code.

The vulnerability of the Device Inspector page of the SAP Afaria mobile device management software exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code using a specially crafted request...

SAP Afaria Device Inspector Page Cross-Site Scripting Vulnerability

SAP Afaria is a mobile device management solution from SAP. The solution supports the effective management of mobile devices, applications, and data lifecycles and ensures their security during transmission and storage. A cross-site scripting vulnerability exists in the Client form in the Device...

Device Inspector 1.5 Command Injection

Document Title: =============== Device Inspector v1.5 iOS - Command Inject Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1558 Release Date: ============= 2015-08-07 Vulnerability Laboratory ID VL-ID: ====================================...

Device Inspector v1.5 iOS - Command Inject Vulnerabilities

Document Title: =============== Device Inspector v1.5 iOS - Command Inject Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1558 Release Date: ============= 2015-08-07 Vulnerability Laboratory ID VL-ID: ====================================...

SAP Afaria - Stored XSS

Application: SAP Afaria 7 Vendor URL: http://www.sap.com Bugs: XSS Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2152669 Authors: Dmitry Chastukhin ERPScan Vulnerability information Class: XML External Entity CWE-79 Impact: Store...