10 matches found
EUVD-2017-7544
Malware in sbrugna...
EUVD-2023-12121
Malicious code in bioql PyPI...
SAP BPC MS SQL Injection Vulnerability
SAP BPC MS is a business planning and consolidation application from SAP Germany that provides planning, budgeting, forecasting, and financial consolidation functions. SAP BPC MS version 10.0 810 contains a SQL injection vulnerability that stems from the application's lack of validation of...
CVE-2020-6368
SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users, leading to...
Xxe
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HTTP...
CVE-2017-16349
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HTTP...
CVE-2017-16349
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HTTP...
CVE-2017-16349
CVE-2017-16349 affects SAP BPC, with an XML External Entity (XXE) injection in the reporting functionality. A crafted XML request can reference an XXE to disclose information or cause denial of service, and authenticated HTTP requests can trigger it. Public reports (e.g., Talos) describe the vuln...
SAP BPC Web Application Information Disclosure Vulnerability
Talos Vulnerability Report SAP SAP BPC Web Application Information Disclosure Vulnerability April 19, 2018 CVE Number CVE-2017-16349 Summary An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external...
SAP BPC Web Application Information Disclosure Vulnerability
Summary An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HT...