14 matches found
EUVD-2018-14221
Malware in sbrugna...
EUVD-2020-27375
Malware in sbrugna...
CVE-2020-6203
SAP NetWeaver UDDI Server Services Registry, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to...
PT-2024-2957 · Sap · Sap Asset Accounting
Name of the Vulnerable Software and Affected Versions: SAP Asset Accounting affected versions not specified Description: The issue is related to insufficient validation of path information provided by users, which can be exploited by a high-privileged attacker to impact the confidentiality,...
CVE-2023-49058
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality...
CVE-2022-3940
A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects an unknown part of the file apis/process/task.go. The manipulation of the argument filename leads to path traversal. The associated identifier of this vulnerability is VDB-213447...
CVE-2022-3940 lanyulei ferry task.go path traversal
A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects an unknown part of the file apis/process/task.go. The manipulation of the argument filename leads to path traversal. The associated identifier of this vulnerability is VDB-213447...
Directory traversal
Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. Due to this...
CVE-2020-6225
SAP NetWeaver Knowledge Management, versions KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50, does not sufficiently validate path information provided by users, thus characters representing traverse to parent directory are passed through to the file APIs,...
Path traversal
SAP NetWeaver Knowledge Management, versions KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50, does not sufficiently validate path information provided by users, thus characters representing traverse to parent directory are passed through to the file APIs,...
CVE-2020-6203
SAP NetWeaver UDDI Server Services Registry, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to...
Input validation
SAP Business Process Automation BPA By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs...
CVE-2018-2380
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs...
CVE-2018-2380
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs...