26 matches found
EUVD-2024-39585
Malicious code in bioql PyPI...
EUVD-2024-40875
Malicious code in bioql PyPI...
EUVD-2024-39576
Malicious code in bioql PyPI...
CVE-2024-44115
The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces, and nodes. There is low impact on integrity of the application...
CVE-2024-44116
The RFC enabled function module allows a low privileged user to add any workbook to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces. There is low impact on integrity of the application...
CVE-2024-42380
The RFC enabled function module allows a low privileged user to read any user's workplace favourites and user menu along with all the specific data of each node. Usernames can be enumerated by exploiting this vulnerability. There is low impact on confidentiality of the application...
CVE-2024-42371
The RFC enabled function module allows a low privileged user to delete the workplace favourites of any user. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces and nodes. There is low impact on integrity and availability of the...
CVE-2024-44116
CVE-2024-44116 concerns SAP NetWeaver ABAP/ABAP Platform where an RFC-enabled function module can be abused by a low-privileged user to add any workbook to any user’s workplace favourites. The consequence is exposure of usernames and access information about targeted users’ workplaces, with low i...
PT-2024-29905 · Sap · Sap Rfc Function Module
Name of the Vulnerable Software and Affected Versions: SAP RFC function module affected versions not specified Description: The RFC enabled function module allows a low privileged user to delete the workplace favourites of any user. This issue could be utilized to identify usernames and access...
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
CSRF Set 1 modify invoice status Medium severity Description CSRF in saving invoices / modifying status of invoices pending and cancel only Proof of Concept The following state-changing endpoints are vulnerable to CSRF GET...
How to land on the Favourites view under Apps on StoreFront 1912?
To set the default landing page to 'Favourites' under the apps tab in 1912. By default, the landing page is 'Home'. The below script would help in achieving the same: Step 1: In the Storefront console, navigate to 'Manage Receiver for Web Sites' Step 2: Click configure and browse to 'Client...
Citrix Store Front 3.0 Unable to save favourites in Store Front
Unable to save favourites in Store Front...
NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI
======= Summary ======= Name: Websense Triton 7.6 stored XSS in report management UI Release Date: 30 April 2012 Reference: NGS00141 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: High Status: Published ======== TimeLine ========...
Internet Explorer Overflow
------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- function go var str =unescape'%u4141'; var finalstr = createInlineBufferstr, 5150000; var len = finalstr.length; document.writelen; addfavfinalstr; /...
CVE-2008-6007
SQL injection vulnerability in viewgroup.php in QuidaScript BookMarks Favourites Script APB allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in viewgroup.php in QuidaScript BookMarks Favourites Script APB allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-6007
CVE-2008-6007 describes an SQL injection in QuidaScript BookMarks Favourites Script (APB) where the vulnerability exists in view_group.php and is exploitable via the id parameter. The root cause is unsanitized input leading to arbitrary SQL execution, with potential impact including data access o...