9 matches found
SAP KMC WPC Information Disclosure Vulnerability
SAP KMC WPC is a combination of enterprise content management and web publishing components from SAP. An information disclosure vulnerability exists in SAP KMC WPC, which can be exploited by an attacker to retrieve a user name via a simple parameter query, resulting in the disclosure of sensitive...
CVE-2025-26657
SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability...
CVE-2025-26657
SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability...
CVE-2025-26657 Information Disclosure vulnerability in SAP KMC WPC
SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability...
CVE-2025-26657
CVE-2025-26657 is an information-disclosure vulnerability in SAP KMC WPC. An unauthenticated attacker can remotely retrieve usernames via a simple parameter query, exposing sensitive information and causing low confidentiality impact. The root cause is an information-disclosure flaw in the WPC co...
CVE-2025-26657 Information Disclosure vulnerability in SAP KMC WPC
SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability...
PT-2025-15366 · Sap · Sap Kmc Wpc
Name of the Vulnerable Software and Affected Versions: SAP KMC WPC affected versions not specified Description: The issue allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query, potentially exposing sensitive information and causing low impact on the...
Path traversal
SAP NetWeaver Knowledge Management, versions KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50, does not sufficiently validate path information provided by users, thus characters representing traverse to parent directory are passed through to the file APIs,...
CVE-2020-6225
SAP NetWeaver Knowledge Management vulnerability CVE-2020-6225 involves path traversal due to insufficient validation of user-supplied path information. Affected are SAP NetWeaver Knowledge Management components (KMC-CM: 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50; KMC-WPC: 7.30, 7.31, 7.40, 7.50). ...