Lucene search
+L

6 matches found

OSV
OSV
added 2022/07/12 9:15 p.m.6 views

CVE-2022-35224

SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a...

6.1CVSS6.4AI score0.00664EPSS
Exploits0References2
CNVD
CNVD
added 2017/03/27 12:0 a.m.1 views

SAP Enterprise Portal 'GenericSemanticTest' Component Cross-Site Scripting Vulnerability

SAP Enterprise Portal is a set of enterprise portal based on NetWeaver system platform developed by SAP, which contains content management, single sign-on, knowledge management, collaborative work, full-text search and other modules. A cross-site scripting vulnerability exists in the SAP Enterpri...

6.1AI score
Exploits0References1
Metasploit
Metasploit
added 2013/04/18 6:26 p.m.16 views

SAP ConfigServlet OS Command Execution

This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP ConfigServlet OS Command...

7.3AI score
Exploits0
erpscan
erpscan
added 2011/12/03 12:0 a.m.18 views

SAP Portal - unauthorized file read

Application: SAP Portal Vendor URL: http://www.sap.com Bugs: Directory traversal Exploits: YES Reported: 12.03.2011 Vendor response: 13.03.2011 Date of Public Advisory: 12.09.2012 Reference: SAP Security Note 1707494 Author: Dmitry Chastukhin ERPScan Description It is possible to read files in...

6.3AI score
Exploits0
erpscan
erpscan
added 2010/01/25 12:0 a.m.16 views

SAP NetWeaver ExchangeProfile — XSS

Application: SAP NetWeaver Versions Affected:SAP NetWeaver SLD ExchangeProfile application 6.40-7.30 Vendor URL: Bugs: XSS Exploits: YES Reported: 25.01.2010 Vendor response: 25.01.2010 Date of SAP Security Note Published: 14.09.2010 Date of Public Advisory: 14.12.2010 Author: Alexandr Polyakov...

6.1AI score
Exploits0
erpscan
erpscan
added 2010/01/25 12:0 a.m.23 views

SAP NetWaver JPR Proxy Server — Multiple XSS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver JPR Proxy Vendor URL: Bugs: XSS Exploits: YES Reported: 25.01.2010 Vendor response: 25.01.2010 Date of SAP Security Note Published: 14.09.2010 Date of Public Advisory: 14.12.2010 Author: Dmitriy Evdokimov Description SAP NetWeaver...

6.1AI score
Exploits0
Rows per page
Query Builder