6 matches found
CVE-2022-35224
SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a...
SAP Enterprise Portal 'GenericSemanticTest' Component Cross-Site Scripting Vulnerability
SAP Enterprise Portal is a set of enterprise portal based on NetWeaver system platform developed by SAP, which contains content management, single sign-on, knowledge management, collaborative work, full-text search and other modules. A cross-site scripting vulnerability exists in the SAP Enterpri...
SAP ConfigServlet OS Command Execution
This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP ConfigServlet OS Command...
SAP Portal - unauthorized file read
Application: SAP Portal Vendor URL: http://www.sap.com Bugs: Directory traversal Exploits: YES Reported: 12.03.2011 Vendor response: 13.03.2011 Date of Public Advisory: 12.09.2012 Reference: SAP Security Note 1707494 Author: Dmitry Chastukhin ERPScan Description It is possible to read files in...
SAP NetWeaver ExchangeProfile — XSS
Application: SAP NetWeaver Versions Affected:SAP NetWeaver SLD ExchangeProfile application 6.40-7.30 Vendor URL: Bugs: XSS Exploits: YES Reported: 25.01.2010 Vendor response: 25.01.2010 Date of SAP Security Note Published: 14.09.2010 Date of Public Advisory: 14.12.2010 Author: Alexandr Polyakov...
SAP NetWaver JPR Proxy Server — Multiple XSS
Application: SAP NetWeaver Versions Affected: SAP NetWeaver JPR Proxy Vendor URL: Bugs: XSS Exploits: YES Reported: 25.01.2010 Vendor response: 25.01.2010 Date of SAP Security Note Published: 14.09.2010 Date of Public Advisory: 14.12.2010 Author: Dmitriy Evdokimov Description SAP NetWeaver...