5 matches found
SAP Afaria - Authorization bypass, Insecure signature
Application: SAP Afaria 7.0.6001.5 Vendor URL: http://www.sap.com Bugs: Authorization bypass Reported: 12.03.2015 Vendor response: 13.03.2015 Date of Public Advisory: 12.05.2015 Reference: SAP Security Note 2134905 Authors: Dmitry Chastukhin ERPScan Description An anonymous attacker can spoof a...
SAP HANA metadata.xsjs - SQL injection
Application: SAP HANA Versions Affected: 1.00.60.379371 Vendor URL: http://www.sap.com Bugs: SQL injection Exploits: YES Reported: 09.04.2014 Vendor response: 10.04.2014 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 2067972 Author: Dmitry Chastukhin ERPScan Description SQL...
SAP NetWeaver Solution Manager - Missing Authorization Check & Information Disclosure
Application: SAP NetWeaver Solution Manager Versions Affected: SAP NetWeaver Solution Manager Vendor URL: http://www.sap.com Bugs: Missing Authorization Check & Information Disclosure Reported: 07.12.2011 Vendor response: 08.12.2011 Date of Public Advisory: 25.01.2014 Reference: SAP Security Note...
SAP XI - authentication bypass
Application: SAP NetWeaver XI Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Security Bypass Exploits: YES Reported: 21.03.2011 Vendor response: 22.03.2011 Date of Public Advisory: 11.09.2012 Reference: SAP Security Note 1707494 Authors: Alexander Polyakov, Alexey Tyurin,...
SAP BW Doc - Multiple XSS
Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs:Linked XSS Vulnerability Exploits: YES Reported: 14.03.2011 Vendor response:16.03.2011 Date of Public Advisory:11.11.2011 CVSS: 4.3 Author: Alexandr Polyakov and Dmitriy Chastuchin Description BW DOC...