Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-19724

Malicious code in bioql PyPI...

6.1CVSS5.2AI score0.01258EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/23 9:35 a.m.5 views

CVE-2024-22128

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...

6.1CVSS5AI score0.01258EPSS
Exploits0References1
NVD
NVDadded 2024/02/13 2:15 a.m.9 views

CVE-2024-22128

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...

6.1CVSS4.7AI score0.01258EPSS
Exploits0References2
OSV
OSVadded 2024/02/13 2:15 a.m.0 views

CVE-2024-22128

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...

6.1CVSS5.8AI score0.01258EPSS
Exploits0References2
Prion
Prionadded 2024/02/13 2:15 a.m.13 views

Cross site scripting

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious...

4CVSS6.2AI score0.01258EPSS
Exploits0References2
CVE
CVEadded 2024/02/13 2:2 a.m.41 views

CVE-2024-22128

CVE-2024-22128 affects SAP NWBC for HTML. The issue is insufficient encoding of user-controlled inputs in versions SAP_UI 754–758 and SAP_BASIS 700–702, 731, enabling unauthenticated attackers to inject malicious JavaScript and impact confidentiality and integrity of application data after exploi...

6.1CVSS5.1AI score0.01258EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2024/02/12 12:0 a.m.2 views

PT-2024-4069 · Sap · Sap Nwbc For Html

Name of the Vulnerable Software and Affected Versions: SAP NWBC for HTML - versions SAP UI 754 through SAP UI 758 SAP NWBC for HTML - versions SAP BASIS 700 through SAP BASIS 702 SAP NWBC for HTML - version SAP BASIS 731 Description: The issue arises from insufficient encoding of user-controlled...

6.1CVSS5.7AI score0.01258EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2020/03/09 2:15 p.m.2 views

CVE-2015-7968

nwbcext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbcext2int/ URI...

6.4CVSS5.4AI score0.00169EPSS
Exploits1References3
CVE
CVEadded 2014/06/13 2:0 p.m.39 views

CVE-2014-4160

CVE-2014-4160 concerns multiple cross-site scripting (XSS) flaws in the SAP NetWeaver Business Client (NWBC) testcanvas node. The vulnerabilities enable remote attackers to inject arbitrary web script or HTML via the (1) title or (2) sap-accessibility parameter. The public description confirms XS...

4.3CVSS5.9AI score0.00359EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder