SAP NetWeaver Application Server ABAP HTML Injection Vulnerability

SAP NetWeaver Application Server ABAP is an application server developed by SAP to run ABAP applications. An HTML injection vulnerability exists in SAP NetWeaver Application Server ABAP. An attacker could exploit this vulnerability to construct URLs containing malicious scripts that could be...

CVE-2023-0013

The ABAP Keyword Documentation of SAP NetWeaver Application Server - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, for ABAP and ABAP Platform does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an...

Vulnerabilities fixed in JBoss Enterprise Application Platform

Red Hat has fixed vulnerabilities in JBoss Enterprise Application Platform. A remote malicious person could vulnerabilities potentially exploit them to cause a denial-of-service or to gain access to sensitive data. Red Hat has released updates to fix the vulnerabilities in JBoss Enterprise...

undertow: Long URL proxy request lead to java.nio.BufferOverflowException and DoS

It was discovered that a long URL sent to EAP 7 Server operating as a reverse proxy with default buffer sizes causes a Denial of Service...

Sybase Enterprise Application Server Management Console detection

The remote host is running the Sybase Enterprise Application Server JSP Administration Console. Sybase EAServer is the open application server from Sybase Inc an enterprise software and services company, exclusively focused on managing and mobilizing information. This VT was deprecated and the...

CVE-2002-1861

CVE-2002-1861 concerns Sybase Enterprise Application Server 4.0 running on Windows, where a remote attacker could retrieve files from the WEB-INF directory by requesting the directory with a trailing dot (WEB-INF.). This is an information disclosure vulnerability tied to how the server handles WE...