11 matches found
EUVD-2014-8497
Malware in sbrugna...
EUVD-2012-1315
Malware in sbrugna...
EUVD-2012-1316
Malware in sbrugna...
CVE-2014-8661
The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors...
CVE-2014-8661
The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors...
Command injection
The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors...
CVE-2014-8661
Technical details about CVE-2014-8661 (affected SAP CRM Internet Sales) are not publicly provided in the supplied documents; monitor for updates from vendors and advisories before assessing impact, exploitability, or fixes.
CVE-2014-8661
The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors...
Directory traversal
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the logfilename parameter to 1 b2b/admin/log.jsp or 2 b2b/admin/logview.jsp in the Internet Sales crm.b2b component, or 3 ipc/admin/log.jsp or 4...
CVE-2012-1290
The CVE-2012-1290 entry describes a Cross-site scripting (XSS) vulnerability in SAP NetWeaver 7.0, specifically in the Internet Sales (crm.b2b) module and the b2b/auction/container.jsp page. The issue is exploitable via the _loadPage parameter, allowing an attacker to inject arbitrary web script ...
CVE-2012-1289
SAP NetWeaver 7.0 is affected by multiple directory traversal vulnerabilities in log.jsp/log_view.jsp under Internet Sales (crm.b2b) and Application Administration (com.sap.ipc.webapp.ipc). The root cause is improper validation of the logfilename parameter, allowing remote authenticated users to ...