EUVD-2020-26026

Malware in sbrugna...

EUVD-2018-14338

Malware in sbrugna...

CVE-2024-45282 HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements)

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

CVE-2024-45282 HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements)

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

CVE-2024-45282

CVE-2024-45282 affects SAP S/4HANA, specifically the Manage Bank Statements component and its Bank Statement Draft. Fields in the read-only state can be modified via the MERGE method, leading to integrity violations in an OData entity. Root cause: lack of protection against external modifications...

CVE-2023-29189 HTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)

SAP CRM WebClient UI - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to...

CVE-2023-29189 HTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)

SAP CRM WebClient UI - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to...

HTTP Verb Tampering

HTTP Verb Tampering is an attack that bypasses an authentication or control system that is based on the HTTP Verb. Sometimes, Web Server authentication mechanisms use verb-based authentication with access controls. Such security mechanisms include access control rules for requests with specific...

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

Security feature bypass

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

CVE-2020-4779

A HTTP Verb Tampering vulnerability (CVE-2020-4779) affects IBM Cúram Social Program Management 7.0.9 and 7.0.10, enabling an attacker to bypass security access controls by sending specially crafted requests. Root cause details are not fully enumerated in the provided documents, but the IBM advis...

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

Security Bulletin: A HTTP Verb Tampering vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4779)

Summary A HTTP Verb Tampering vulnerability may impact IBM Cúram Social Program Management. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. Vulnerability Details CVEID: CVE-2020-4779 DESCRIPTION: A HTTP Verb Tampering...

Design/Logic Flaw

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

CVE-2018-2483

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

CVE-2018-2483

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

CVE-2018-2483

SAP BusinessObjects BI Platform CMC (versions 4.1 and 4.2) is affected by HTTP Verb Tampering caused by how request methods can be manipulated. Vulnerable component: Central Management Console. Reported impact includes bypassing security restrictions and tampering with HTTP verbs. No explicit exp...

Invoker servlets authentication bypass (HTTP verb tampering)

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication ...

Invoker servlets authentication bypass (HTTP verb tampering)

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication ...