Erpscan: Most viewed

291 matches found

erpscan
added 2015/07/17 12:0 a.m., 383 views

Oracle E-Business Suite - XXE injection vulnerability

Application: Oracle E-Business Suite Version Affected: Oracle E-Business Suite 12.1.3, probably others Vendor: Oracle Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 19.01.2016 Reference: Oracle CPU Jan 2016 Author: Nikita Kelesis, Ivan Chalykin, Alexe...

CVSS: 5, AI score: 0.8, EPSS: 0.0392
Exploits: 0

erpscan
added 2011/01/15 12:0 a.m., 206 views

SAP RFC EPS_DELETE_FILE — Authorisation bypass, smbrelay

Application: SAP NetWeaver ABAP Versions Affected: SAP NetWeaver ABAP Vendor URL: http://www.sap.com Bugs: Auth bypass, directory traversal, smbrelay Exploits: YES Reported: 15.01.2011 Vendor response: 25.01.2011 Date of Public Advisory: 22.08.2011 Author: Alexey Sintsov Description Security...

AI score: 1.6
Exploits: 0

erpscan
added 2016/01/11 12:0 a.m., 197 views

SAP Netweaver Java deserialization of untrusted user value in metadatauploader

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7400.12.21.30308 Vendor URL: SAP Bugs: DoS Reported: 01.11.2016 Vendor response: 02.11.2016 Date of Public Advisory: 14.03.2017 Reference: SAP Security Note 2399804 Author: Vahagn Vardanyan ERPScan & Mathieu Geli ERPScan VULNERABILITY...

CVSS: 7.5, EPSS: 0.05513
Exploits: 0

erpscan
added 2015/07/17 12:0 a.m., 176 views

Oracle E-Business Suite - SQL injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: SQL injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin, Egor Karbutov ERPScan VULNERABILITY INFORMATION Class: SQL...

CVSS: 3.6, AI score: 1.5, EPSS: 0.01804
Exploits: 0

erpscan
added 2016/06/17 12:0 a.m., 165 views

SAP Netweaver AS Java - XXE vulnerability in Visual Composer VC70RUNTIME

Application: SAP NetWeaver Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2386873 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE Impact:...

CVSS: 6.5, AI score: 0.2, EPSS: 0.01393
Exploits: 0

erpscan
added 2015/09/15 12:0 a.m., 158 views

SAP NetWeaver AS JAVA - information disclosure vulnerability

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5 Vendor URL: SAP Bugs: Information disclosure Reported: 15.09.2015 Vendor response: 16.09.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2256846 Author: Vahagn Vardanyan ERPScan VULNERABILI...

CVSS: 5, AI score: 5.9, EPSS: 0.51553
Exploits: 10

erpscan
added 2016/06/17 12:0 a.m., 155 views

SAP NetWeaver AS Java 7.5 XXE in com.sap.km.cm.ice

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2387249 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE...

CVSS: 4, AI score: 6.8, EPSS: 0.01373
Exploits: 0

erpscan
added 2015/04/12 12:0 a.m., 153 views

SAP NetWeaver Java AS WD_CHAT - Information disclosure vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.1 – 7.5 Vendor URL: SAP Bugs: Information disclosure Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2255990 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION...

CVSS: 5, AI score: 0.1, EPSS: 0.02413
Exploits: 1

erpscan
added 2012/09/25 12:0 a.m., 138 views

SAP NetWeaver Management Console (gSOAP) - Partial HTTP requests DoS

Application: SAP Versions Affected: SAP Netweaver 7.02/7.3, probably others Vendor URL: http://www.sap.com Bugs: Denial of Service Exploits: YES Reported: 25.09.2012 Vendor response: 26.09.2012 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 1986725 Author: Igor Ilyin, Alexey...

AI score: 1.1
Exploits: 0

erpscan
added 2010/04/22 12:0 a.m., 135 views

Lotus Domino Web Administrator - Cross Site Command Execution

Application: Lotus Domino Versions Affected: Lotus Domino Web Administrator 6.5 and 8.5.1 Vendor URL: IBM Bugs: CSRF, Command execution Exploits: YES Reported: 22.04.2010 Vendor response: 22.04.2010 Date of Public Advisory: 24.03.2013 Reference: IBM CVE number: CVE-2013-0489 Author: Alexander...

CVSS: 6, AI score: 0.3, EPSS: 0.00475
Exploits: 0

erpscan
added 2009/01/21 12:0 a.m., 135 views

Oracle Secure Enterprise Search 10.1.8 Linked XSS Vulnerability

Application: Oracle Secure Enterprise Search SES Versions Affected: Oracle Secure Enterprise Search SES version 10.1.8.2.0 Vendor URL: Bugs: XSS Exploits: YES Reported: 21.01.2009 Vendor response: 23.01.2009 Date of Public Advisory: 16.07.2009 CVE: CVE-2009-1968 Description: XSS IN search query...

CVSS: 4.3, AI score: 5.2, EPSS: 0.40079
Exploits: 1

erpscan
added 2015/07/17 12:0 a.m., 132 views

Oracle E-Business Suite – XXE injection vulnerability

Application: Oracle E-Business Suite Vendor: Oracle Versions Affected: Oracle E-Business Suite 12.1.3, probably others Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 19.01.2016 Reference: Oracle CPU Jan 2016 Author: Nikita Kelesis, Ivan Chalykin,...

CVSS: 5, AI score: 0.6, EPSS: 0.02411
Exploits: 0

erpscan
added 2015/10/20 12:0 a.m., 130 views

SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: SAP Bugs: XSS vulnerability Reported: 20.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2238375 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS...

CVSS: 4.3, AI score: 0.1, EPSS: 0.01611
Exploits: 2

erpscan
added 2014/08/25 12:0 a.m., 124 views

SAP Kernel - RCE and DoS vulnerability

Application: SAP NetWeaver Dispatcher Versions Affected: SAP Kernel 7.00 32BIT, 7.40 64BIT Vendor URL: http://www.sap.com Vulnerability: Buffer Overflow – RCE, Denial of Service Exploits: YES Reported: 25.08.2014 Vendor response: 25.08.2014 Date of Public Advisory: 15.12.2014 Reference: SAP...

CVSS: 6.5, AI score: 1.1, EPSS: 0.0237
Exploits: 0

erpscan
added 2009/12/14 12:0 a.m., 124 views

Oracle Document Capture ActiveX — Insecure method, buffer overflow

Application: Oracle Document Capture Versions Affected: Oracle Document Capture 10.1.3.5 Vendor URL: Bugs: Insecure method. Buffer overflow. Exploits: YES Reported: 14.12.2009 Vendor response: 15.12.2009 Date of Public Advisory: 24.01.2011 CVE-number: CVE-2010-3599 Author: Alexandr Polyakov...

CVSS: 9.4, AI score: 0.3, EPSS: 0.16177
Exploits: 5

erpscan
added 2015/03/13 12:0 a.m., 123 views

SAP Afaria 7 XComms - BoF

Application: SAP Afaria 7.00.6620.2 SP5 Vendor URL: http://www.sap.com Bugs: BoF Reported: 13.03.2015 Vendor response: 14.03.2015 Date of Public Advisory: 18.05.2015 Reference: SAP Security Note 2153690 Authors: Dmitry Chastukhin ERPScan Vulnerability information Class: XML External Entity CWE-12...

CVSS: 7.5, AI score: 0.8, EPSS: 0.03214
Exploits: 0

erpscan
added 2014/09/12 12:0 a.m., 122 views

Sybase SQL Anywhere 11 and 16 - DoS

Application: Sybase SQL Anywhere 11 and 16 Vendor URL: Bugs: DoS Reported: 09.12.2014 Vendor response: 10.12.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2108161 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: DoS CWE-122 Impact: DoS Remotely Exploitabl...

CVSS: 5, AI score: 9.6, EPSS: 0.02444
Exploits: 0

erpscan
added 2015/07/17 12:0 a.m., 119 views

Oracle E-Business Suite - XXE injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: XML External Entit...

CVSS: 6.8, AI score: 2.1, EPSS: 0.03088
Exploits: 0

erpscan
added 2015/04/12 12:0 a.m., 119 views

SAP NetWeaver AS Java 7.4 DataArchivingService servlet XSS

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: SAP Bugs: XXS Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2308535 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS...

CVSS: 4.3, AI score: 6.4, EPSS: 0.01146
Exploits: 0

erpscan
added 2014/06/11 12:0 a.m., 119 views

SAP NetWeaver Portal ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31.201109172004 Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2111939 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...

CVSS: 5, AI score: 0.4, EPSS: 0.02397
Exploits: 0

erpscan
added 2009/06/26 12:0 a.m., 118 views

Oracle BI help page - XSS

Application: Oracle Business Intelligence Versions Affected: Oracle Business Intelligence Enterprise Edition 10.1.3.4.0 Vendor URL: http://www.oracle.com Bugs: XSS/phishing credentials Exploits: YES Reported: 26.06.2009 Vendor response: 27.06.2009 Last response: 30.06.2009 Patched: 16.10.2012 Dat...

CVSS: 4.3, AI score: 5.4, EPSS: 0.01265
Exploits: 0

erpscan
added 2015/10/20 12:0 a.m., 115 views

SAP NetWeaver JAVA AS UDDI component - XXE vulnerability

Application: SAP AS JAVA Versions Affected: SAP AS JAVA 7.4 Vendor URL: SAP Bugs: XXE Reported: 20.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 14.04.2016 Reference: SAP Security Note 2254389 Author: Vahagn Vardanyan ERPScan Vulnerability Information Class: denial of service Impac...

CVSS: 9, AI score: 0.4, EPSS: 0.05264
Exploits: 2

erpscan
added 2014/06/11 12:0 a.m., 109 views

SAP Mobile Platform - XXE

Application: Mobile Platform Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.02.2015 Reference: SAP Security Note 2125358 Authors: Dmitry Chastukhin ERPScan VULNERABILITY INFORMATION Class: XML External Entity...

CVSS: 5, AI score: 0.6, EPSS: 0.01642
Exploits: 0

erpscan
added 2014/08/17 12:0 a.m., 105 views

SAPKERNEL C_SAPGPARAM - RCE, DoS

Application: SAP NetWeaver Dispatcher Versions Affected: SAP KERNEL 7.00 32BIT, disp+work.exe 7000.52.12.34966, SAP KERNEL 7.40 64BIT, disp+work.exe 7400.12.21.30308 Vendor URL: http://www.sap.com Bugs: Buffer Overflow Reported: 17.08.2014 Vendor response: 18.08.2014 Date of Public Advisory:...

CVSS: 6.5, AI score: 1.8, EPSS: 0.03704
Exploits: 0

erpscan
added 2014/06/11 12:0 a.m., 103 views

SAP NetWeaver Portal XMLValidationComponent - XXE

Application: SAP NetWeaver Portal Versions Affected: SAP NetWeaver Portal 7.31.201109172004 Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.02.2015 Reference: SAP Security Note 2093966 Authors: Vahagn Vardanyan...

CVSS: 5, AI score: 0.3, EPSS: 0.02503
Exploits: 0

erpscan
added 2009/03/18 12:0 a.m., 102 views

Oracle Application Server — Linked XSS vulnerability

Application: Oracle BPEL Console version 10.1.3.3.0 Versions Affected: Oracle BPEL Console version 10.1.3.3.0 Vendor URL: Bugs: XSS Exploits: YES Reported: 18.03.2009 Vendor response: 19.03.2009 Date of Public Advisory: 20.10.2010 CVE: CVE-2010-3581 Author: Alexandr Polyakov Description XSS in...

CVSS: 3.5, AI score: 5.3, EPSS: 0.01763
Exploits: 1

erpscan
added 2015/07/29 12:0 a.m., 95 views

SAP xMII - directory traversal vulnerability

Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: SAP Bugs: Directory traversal Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry Chastuhin ERPScan VULNERABILITY INFORMATION Class: CWE-36 Impact...

CVSS: 7.8, AI score: 1.1, EPSS: 0.4145
Exploits: 4

erpscan
added 2015/07/17 12:0 a.m., 95 views

Oracle E-Business Suite - Cross-site Scripting vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: Cross-site Scripting Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: Cross-site...

CVSS: 4.3, AI score: 0.8, EPSS: 0.03152
Exploits: 0

erpscan
added 2015/08/18 12:0 a.m., 79 views

SAP NetWeaver AS JAVA - SQL injection vulnerability

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5 Vendor URL: SAP Bugs: SQL injection Reported: 18.08.2015 Vendor response: 19.08.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2101079 Author: Vahagn Vardanyan ERPScan VULNERABILITY...

AI score: 0.5
Exploits: 0

erpscan
added 2014/08/25 12:0 a.m., 78 views

SAP Kernel - RCE, DoS

Application: SAP NetWeaver Dispatcher Versions Affected: SAP Kernel 7.00 32BIT, 7.40 64BIT Vendor URL: http://www.sap.com Bugs: Buffer Overflow – RCE, DoS Exploits: YES Reported: 25.08.2014 Vendor response: 25.08.2014 Date of Public Advisory: 15.12.2014 Reference: SAP Security Note 2059734 Author...

CVSS: 6.5, AI score: 1.1, EPSS: 0.0237
Exploits: 0

erpscan
added 2015/10/08 12:0 a.m., 77 views

SAP NetWeaver 7.4 (ProxyServer servlet) - XSS vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: SAP Bugs: Cross Site Scripting XSS Reported: 10.08.2015 Vendor response: 11.08.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2220571 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class...

CVSS: 4.3, AI score: 0.2, EPSS: 0.01546
Exploits: 1

erpscan
added 2010/03/22 12:0 a.m., 76 views

Oracle Document Capture empop3.dll — insecure method

Application: Oracle Document Capture Versions Affected: 6.4 — 7.2 Vendor URL: http://www.oracle.com Bugs: Insecure method, File overwriting, File deleting Exploits: YES Reported: 22.03.2010 Vendor response: 31.03.2010 Date of Public Advisory: 24.01.2011 CVE-number: CVE-2010-3591 Author: Evdokimov...

CVSS: 9.3, AI score: 0.5, EPSS: 0.11818
Exploits: 10

erpscan
added 2009/03/03 12:0 a.m., 75 views

Oracle BI Publisher — Response Splitting

Application: Oracle Business Intelligence Enterprise Edition 10.1.3.4.0 Versions Affected: Oracle Business Intelligence Enterprise Edition 10.1.3.4.0 Vendor URL: Bugs: Response Splitting, XSS, Phishing credentials Exploits: YES Reported: 03.03.2009 Vendor response: 04.03.2009 Last response:...

CVSS: 4.3, AI score: 5.4, EPSS: 0.01495
Exploits: 1

erpscan
added 2016/01/02 12:0 a.m., 71 views

SAP ASE ODATA Server - Denial of Service

Application: SAP ASE Versions Affected: SAP ASE 16 Vendor URL: SAP Bugs: Denial of Service Reported: 01.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.10.2016 Reference: SAP Security Note 2330422 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: Denial of Service...

CVSS: 5, AI score: 1.3, EPSS: 0.0372
Exploits: 2

erpscan
added 2015/07/17 12:0 a.m., 70 views

Oracle E-Business Suite - XXE injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: XML External Entit...

CVSS: 6.8, AI score: 2, EPSS: 0.03088
Exploits: 0

erpscan
added 2010/01/29 12:0 a.m., 70 views

Oracle Document Capture ImportBodyText — read files

Application: Oracle Document Capture Versions Affected: 10.1350.0005 Vendor URL: Oracle Bugs: Unsecure READ method Exploits: YES Reported: 29.01.2010 Second report: 02.02.2010 Date of Public Advisory: 24.01.2010 CVE-number: CVE-2010-3595 Author: Alexey Sintsov Description EasyMail ActiveX Control...

CVSS: 7.8, AI score: 1.5, EPSS: 0.1193
Exploits: 5

erpscan
added 2016/01/11 12:0 a.m., 69 views

SAP AS JAVA DoS in BC-IAM-SSO-OTP package via QR Servlet

Application: SAP AS JAVA SSO Authentication Library Versions Affected: SAP AS JAVA SSO Authentication Library 2.0-3.0 Vendor URL: SAP Bugs: DoS Reported: 01.11.2016 Vendor response: 02.11.2016 Date of Public Advisory: 10.01.2017 Reference: SAP Security Note 2389042 Author: Vahagn Vardanyan ERPSca...

CVSS: 5, AI score: 0.3, EPSS: 0.36219
Exploits: 0

erpscan
added 2015/04/12 12:0 a.m., 68 views

SAP JAVA AS icman - DoS vulnerability

Application: SAP JAVA AS Versions Affected: SAP JAVA AS 7.2 – 7.4 Vendor URL: SAP Bugs: Denial of Service Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 14.03.2016 Reference: SAP Security Note 2256185 Author: Dmitry Yudin ERPScan @ret5et Vulnerability Information Class:...

CVSS: 5, AI score: 1.4, EPSS: 0.06371
Exploits: 0

erpscan
added 2014/09/04 12:0 a.m., 67 views

SAP HANA metadata.xsjs - SQL injection

Application: SAP HANA Versions Affected: 1.00.60.379371 Vendor URL: http://www.sap.com Bugs: SQL injection Exploits: YES Reported: 09.04.2014 Vendor response: 10.04.2014 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 2067972 Author: Dmitry Chastukhin ERPScan Description SQL...

AI score: 0.2
Exploits: 0

erpscan
added 2014/06/11 12:0 a.m., 67 views

SAP Management Console ReadProfile Parameters - Information disclosure

Application: SAP NetWeaver 7.40 Vendor URL: http://www.sap.com Bugs: Information disclosure Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2091768 Authors: Dmitry Chastukhin ERPScan VULNERABILITY INFORMATION Class: Information...

CVSS: 5, AI score: 0.1, EPSS: 0.02395
Exploits: 0

erpscan
added 2009/04/20 12:0 a.m., 62 views

Oracle BI — WB_OLAP_AW_REMOVE_SOLVE_ID - privilege escalation

Application: Oracle BI Versions Affected: Oracle BI Oracle Warehouse Builder 10.2.0.5, 11.1.0.7 Vendor URL: http://oracle.com Bugs: PL/SQL Injection, privilege escalation Exploits: YES Reported: 20.04.2009 Vendor response: 22.04.2009 Last response: 12.04.2011 Date of Public Advisory: 16.06.2011...

CVSS: 6.5, AI score: 1.3, EPSS: 0.01735
Exploits: 4

erpscan
added 2016/04/22 12:0 a.m., 60 views

SAP NetWeaver AS JAVA XSS in portal app component

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java RTC 7.0-7.3 Vendor URL: SAP Bugs: XSS Reported: 22.04.2016 Vendor response: 23.04.2016 Date of Public Advisory: 10.01.2017 Reference: SAP Security Note 2341302 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION...

AI score: 6.6
Exploits: 0

erpscan
added 2015/07/17 12:0 a.m., 58 views

SAP HANA hdbindexserver - Memory corruption

Application: SAP HANA Versions Affected: SAP HANA 1.00.095 Vendor URL: http://www.sap.com Bugs: RCE, Memory corruption Reported: 17.07.2015 Vendor response: 18.07.2015 Date of Public Advisory: 13.10.2015 Reference: SAP Security Note 2197428 Authors: Mathieu Geli ERPScan VULNERABILITY INFORMATION...

CVSS: 7.5, AI score: 1.1, EPSS: 0.06242
Exploits: 5

erpscan
added 2011/03/14 12:0 a.m., 58 views

SAP NetWeaver - Authentication bypass (Verb Tampering)

Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Auth bypass, Verb tampering Exploits: YES Reported: 14.03.2011 Vendor response: 15.03.2011 Date of Public Advisory: 11.11.2011 CVSS: 10 by ERPSCAN 7.3 by SAP Author: Alexandr Polyakov Description...

AI score: 1.2
Exploits: 0

erpscan
added 2016/09/03 12:0 a.m., 57 views

SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component (CVE-2016-9563)

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XXE...

CVSS: 4, AI score: 0.1, EPSS: 0.23805
Exploits: 0

erpscan
added 2010/01/25 12:0 a.m., 55 views

SAP NetWeaver XI SOAP Adapter — XSS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver XI SOAP Adapter 3.0-7.11 Vendor URL: Bugs: XSS Exploits: YES Reported: 25.01.2010 Vendor response: 25.01.2010 Date of Public Advisory: 09.03.2011 CVE-number: Author: Dmitriy Evdokimov Description SAP Netweaver 70 application XI SOAP...

AI score: 6.1
Exploits: 0

erpscan
added 2009/04/20 12:0 a.m., 55 views

Oracle BI — WB_OLAP_AW_SET_SOLVE_ID - privilege escalation

Application: Oracle BI Versions Affected: Oracle BI Oracle Warehouse Builder 10.2.0.5, 11.1.0.7 Vendor URL: http://oracle.com Bugs: PL/SQL Injection, privilege escalation Exploits: YES Reported: 20.04.2009 Vendor response: 22.04.2009 Last response: 12.04.2011 Date of Public Advisory: 24.05.2011...

CVSS: 6.5, AI score: 1.3, EPSS: 0.01447
Exploits: 0

erpscan
added 2014/09/12 12:0 a.m., 53 views

SAP Afaria 7 XcListener - Buffer overflow

Application: SAP Afaria 7.0.6001.5 Vendor URL: http://www.sap.com Bugs: BoF Reported: 09.12.2014 Vendor response: 10.12.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2132584 Author: Vahagn Vardanyan ERPScan Vulnerability information Class: DoS CWE-400 Impact: DoS Remotely...

CVSS: 5, AI score: 0.5, EPSS: 0.03604
Exploits: 0

erpscan
added 2016/04/22 12:0 a.m., 51 views

SAP NetWeaver AS JAVA icman - DoS vulnerability (CVE-2016-9562)

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: SAP Bugs: Denial of Service Reported: 22.04.2016 Vendor response: 23.04.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2313835 Author: Vahagn Vardanyan ERPScan VULNERABILITY...

CVSS: 5, AI score: 0.3, EPSS: 0.03882
Exploits: 0

erpscan
added 2015/07/17 12:0 a.m., 51 views

Oracle E-Business Suite - Database user enumeration vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: User enumeration Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin, Egor Karbutov ERPScan VULNERABILITY INFORMATION Class:...

CVSS: 4.3, AI score: 1.4, EPSS: 0.02558
Exploits: 0

Total number of security vulnerabilities: 291