CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-14274

Malware in sbrugna...

5.5CVSS4.8AI score0.00182EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-14339

Malware in sbrugna...

8.8CVSS8.6AI score0.00414EPSS

Exploits0References4

Cvelist•added 2024/01/09 1:15 a.m.•11 views

CVE-2024-21736 Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management)

SAP S/4HANA Finance for Advanced Payment Management - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application...

6.4CVSS6.6AI score0.0006EPSS

Exploits0References2

CVE•added 2023/05/09 12:57 a.m.•42 views

CVE-2023-29188

The CVE-2023-29188 issue affects SAP CRM WebClient UI and related components: SAPSCORE 129, S4FND 102–107, WEBCUIF 701–801. The vulnerability is a Cross-Site Scripting (XSS) flaw caused by insufficient encoding of user-controlled inputs. Successful exploitation could allow a user with normal acce...

5.4CVSS5.3AI score0.00404EPSS

Exploits0References2Affected Software3

Positive Technologies•added 2023/05/09 12:0 a.m.•2 views

PT-2023-2940 · Sap · Sap Crm Webclient Ui

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions SAPSCORE 129, S4FND 102 through S4FND 107, WEBCUIF 701 through WEBCUIF 801 Description: The SAP CRM WebClient UI does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting XSS issue...

5.5CVSS5.2AI score0.00404EPSS

Exploits0References5

Prion•added 2019/01/08 8:29 p.m.•21 views

Cross site scripting

SAP CRM WebClient UI fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.3AI score0.00299EPSS

Exploits0References3Affected Software3

OSV•added 2019/01/08 8:29 p.m.•1 views

CVE-2019-0244

5.4CVSS5.8AI score0.00299EPSS

Exploits0References3

Prion•added 2019/01/08 8:29 p.m.•8 views

Cross site scripting

3.5CVSS5.3AI score0.00299EPSS

Exploits0References3Affected Software3

NVD•added 2019/01/08 8:29 p.m.•11 views

CVE-2019-0244

5.4CVSS5.3AI score0.00299EPSS

Exploits0References3

NVD•added 2019/01/08 8:29 p.m.•15 views

CVE-2019-0245

5.4CVSS5.3AI score0.00299EPSS

Exploits0References3

Cvelist•added 2019/01/08 8:0 p.m.•16 views

CVE-2019-0244

5.3AI score0.00299EPSS

Exploits0References3

Cvelist•added 2019/01/08 8:0 p.m.•16 views

CVE-2018-2484

SAP Enterprise Financial Services fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.6320 does not perform necessary authorization checks for an authenticated user, resulting in escalation of...

8.9AI score0.00414EPSS

Exploits0References3

CVE•added 2019/01/08 8:0 p.m.•44 views

CVE-2019-0244

CVE-2019-0244 affects SAP CRM WebClient UI components (SAPSCORE, S4FND, WEBCUIF). The vulnerability arises from insufficient encoding of user-controlled inputs, enabling Cross-Site Scripting (XSS). Affected product areas: SAP CRM WebClient UI; fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.4...

5.4CVSS5.3AI score0.00299EPSS

Exploits0References3Affected Software1

CVE•added 2019/01/08 8:0 p.m.•47 views

CVE-2019-0245

SAP CRM WebClient UI is affected by a Cross-Site Scripting (XSS) vulnerability due to insufficient encoding of user-controlled inputs. The flaw affects SAPSCORE 1.12; S4FND 1.02; WEBCUIF components 7.31, 7.46, 7.47, 7.48, 8.0, and 8.01. The root cause is improper input encoding in the web client ...

5.4CVSS5.3AI score0.00299EPSS

Exploits0References3Affected Software1

CVE•added 2018/12/11 11:0 p.m.•35 views

CVE-2018-2486

SAP Marketing (UICUAN 1.20/1.30/1.40; SAPSCORE 1.13/1.14) is affected by an XSS flaw caused by insufficient encoding of user-controlled inputs. The vulnerability impacts web-facing input handling, enabling potential HTML/JavaScript injection. The provided documents do not specify exploit details,...

5.4CVSS5.3AI score0.00399EPSS

Exploits0References3Affected Software2

NVD•added 2018/12/11 10:29 p.m.•6 views

CVE-2018-2486

SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.3AI score0.00399EPSS

Exploits0References3

Prion•added 2018/12/11 10:29 p.m.•7 views

Cross site scripting

SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.3AI score0.00399EPSS

Exploits0References3Affected Software2

OSV•added 2018/12/11 10:29 p.m.•1 views

CVE-2018-2486

SAP Marketing UICUAN 1.20, 1.30, 1.40, SAPSCORE 1.13, 1.14 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score0.00399EPSS

Exploits0References3

CVE•added 2018/05/09 8:0 p.m.•53 views

CVE-2018-2419

CVE-2018-2419 concerns SAP Enterprise Financial Services (SAPSCORE 1.11/1.12; S4CORE 1.01/1.02; EA-FINSERV 6.x, 8.0) where an authenticated user can escalate privileges due to missing authorization checks. The description and related sources corroborate a privilege-escalation flaw without detaili...

5.5CVSS5.1AI score0.00182EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by