Lucene search
K
ErpscanMost viewed

291 matches found

erpscan
erpscan
added 2010/05/02 12:0 a.m.28 views

SAP NetWeaver logon.html — XSS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver SAPBASIS 620-730 Vendor URL: Bugs: XSS Exploits: YES Reported: 05.02.2010 Vendor response: 06.02.2010 Date of Public Advisory: 09.03.2011 CVE-number: Author: Alexey Sintsov Description SAP NetWeaver BSP logon page has linked XSS...

6.1AI score
Exploits0
erpscan
erpscan
added 2008/11/17 12:0 a.m.28 views

Oracle Database 11g — EXFSYS PL/SQL injection vulnerability

Application: Oracle database 11G Versions Affected: Oracle 11.1.0.6 and 10.2.0.1 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 17.11.2008 Vendor response: 18.11.2008 Last response: 24.11.2008 Date of Public Advisory: 13.01.2009 Author: Alexandr Polyakov Description...

0.9AI score
Exploits0
erpscan
erpscan
added 2010/07/29 12:0 a.m.27 views

SAP NetWeaver Portal IView - XSS

Application: SAP NetWeaver Portal Vendor URL: Bugs: XSS Risk: Medium Exploits: YES Reported: 29.07.2010 Vendor response: 30.07.2010 Patched: 13.03.2012 Date of Public Advisory: 17.06.2012 Reference: SAP Security Note 1656549 Author: Dmitriy Chastuchin ERPScan Description SAP NetWeaver Portal...

6.1AI score
Exploits0
erpscan
erpscan
added 2016/01/11 12:0 a.m.26 views

SAP Hostcontrol remote DOS

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.0 – 7.5 Vendor URL: SAP Bug: DoS Reported: 01.11.2016 Vendor response: 02.11.2016 Date of Public Advisory: 13.06.2017 Reference: SAP Security Note 2389181 Authors: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: D...

7.1AI score
Exploits0
erpscan
erpscan
added 2015/12/08 12:0 a.m.26 views

SAP NetWeaver AS JAVA - XSS vulnerability

Application: SAP NetWeaver Portal 7.4 Vendor URL: SAP Bug: XSS Reported: 12.08.2015 Vendor response: 13.08.2015 Date of Public Advisory: 14.06.2016 Reference: SAP Security Note 2256178 Author: Vahagn VardanyanERPScan VULNERABILITY INFORMATION Class: XSS Impact: modify displayed content from a Web...

6.1AI score
Exploits0
erpscan
erpscan
added 2011/06/12 12:0 a.m.26 views

SAP NetWeaver AdapterFramework - information disclosure

Application: SAP NetWeaver J2EE Versions Affected: SAP NetWeaver J2EE Vendor URL: http://www.sap.com Bugs: Information Disclosure Exploits: YES Reported: 06.12.2011 Vendor response: 07.12.2011 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1679897 Authors: Dmitry Chastukhin...

0.5AI score
Exploits0
erpscan
erpscan
added 2010/09/12 12:0 a.m.26 views

SAP Crystal Report Server pubDBLogon - Linked ХSS vulnerability

Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs:Linked XSS Vulnerability Exploits: YES Reported: 09.12.2010 Vendor response:10.12.2010 Date of Public Advisory:15.09.2011 CVSS: 4.3 Author: Dmitriy Chastuchin...

Exploits0
erpscan
erpscan
added 2010/03/29 12:0 a.m.26 views

SAP Crystal Reports 2008 — Directory Traversal

Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Directory Traversal File Read Exploits: YES Reported: 29.03.2010 Vendor response: 30.03.2010 Date of SAP Security Note Published: 08.10.2010 Date of Public Advisory:...

0.2AI score
Exploits0
erpscan
erpscan
added 2015/09/28 12:0 a.m.25 views

SAP HANA hdbxsengine JSON - DoS

Application: SAP HANA Versions Affected: SAP HANA 1.00.095 Vendor URL: http://www.sap.com Bugs: DoS Reported: 28.09.2015 Vendor response: 29.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2241978 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: DoS Impact:...

0.3AI score
Exploits0
erpscan
erpscan
added 2014/11/06 12:0 a.m.25 views

Oracle Weblogic Application Server – Authorization bypass

Application: Oracle Weblogic Application Server Versions Affected: WebLogic Server 10.3.6.0/10.3.1.0, maybe others Vendor URL: http://www.oracle.com Bugs: Authorization bypass Exploits: YES Reported: 11.06.2014 Vendor response: 12.06.2014 Date of Public Advisory: 17.10.2014 Reference: Oracle CPU...

0.6AI score
Exploits0
erpscan
erpscan
added 2014/05/30 12:0 a.m.25 views

SAP NetWeaver Dispatcher Multiple Vulnerabilities - RCE, DoS

Application: SAP NetWeaver Dispatcher Versions Affected: SAP KERNEL 7.00 32BIT, disp+work.exe 7000.52.12.34966 Vendor URL: http://www.sap.com Bugs: Buffer overflow CWE-119, Integer overflow CWE-190, Improper Input Validation CWE-20 CVSS: AV:N/AC:H/Au:S/C:C/I:C/A:C 7.1 Exploits: PoC Reported:...

1.6AI score
Exploits0
erpscan
erpscan
added 2013/04/20 12:0 a.m.25 views

SAP Portal webdynpro - information disclosure

Application: SAP NetWeaver J2EE 7.31 Vendor URL: SAP Bug: Information Disclosure Reported: 20.04.2013 Vendor response: 21.04.2013 Date of Public Advisory: 14.06.2016 Reference: SAP Security Note 2197262 Author: Alexander Polyakov VULNERABILITY INFORMATION Class: Information disclosure Impact:...

Exploits0
erpscan
erpscan
added 2012/07/16 12:0 a.m.25 views

Oracle JVM gopher protocol - SSRF

Application: Oracle JVM Versions Affected: Oracle JVM Vendor URL: http://www.oracle.com Bugs: Security Bypass, SSRF Exploits: YES Reported: 16.07.2012 Vendor response: 18.07.2012 Date of Public Advisory: 23.10.2012 Reference: Oracle CPU October 2012 Authors: Alexander Polyakov ERPScan Description...

1AI score
Exploits0
erpscan
erpscan
added 2011/07/29 12:0 a.m.25 views

SAP NetWeaver J2EE MeSync – information disclose

Application: SAP NetWeaver Versions Affected: SAP NetWeaver MI 2 Vendor URL: http://www.sap.com Bugs:information disclosure Exploits: YES Reported: 29.07.2011 Vendor response:30.07.2011 Date of Public Advisory:11.11.2011 Author: Alexander Polyakov Description Attacker can get information about...

0.8AI score
Exploits0
erpscan
erpscan
added 2011/05/13 12:0 a.m.25 views

SAP NetWeaver EPS - Multiple missing auth check

Application: SAP NetWeaver ABAP Versions Affected: SAP NetWeaver ABAP Vendor URL: http://www.sap.com Bugs:Auth bypass, directory traversal, smbrelay Exploits: YES Reported: 13.05.2011 Vendor response: 15.05.2011 Date of Public Advisory: 17.06.2012 Author: Alexey Tyurin ERPScan Description A...

0.6AI score
Exploits0
erpscan
erpscan
added 2011/03/14 12:0 a.m.25 views

SAP NetWeaver TH_GREP module - Code injection vulnerability (NEW)

Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs:Command execution Exploits: YES Reported: 14.03.2011 Vendor response:16.03.2011 Date of Public Advisory:11.11.2011 CVSS: 6.0 Author: Alexey Tyurin Description THGREP report is vulnerable for command...

0.9AI score
Exploits0
erpscan
erpscan
added 2010/09/06 12:0 a.m.25 views

SAP NetWeaver Integration Directory — Multiple XSS

Application: SAP NetWeaver XI Versions Affected: SAP NetWeaver XI Vendor URL: Bugs: XSS Exploits: YES Reported: 09.06.2010 Vendor response: 10.06.2010 Date of Public Advisory: 09.03.2011 CVE-number: Author: Dmitriy Evdokimov Description SAP NetWeaver Integration Directory has multiple linked XSS...

6.2AI score
Exploits0
erpscan
erpscan
added 2010/04/03 12:0 a.m.25 views

SAP Crystal Reports 2008 — actionNavjsp_xss

Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Linked XSS Vulnerability Exploits: YES Reported: 04.03.2010 Vendor response: 05.03.2010 Date of SAP Security Note Published: 08.10.2010 Date of Public Advisory:...

0.1AI score
Exploits0
erpscan
erpscan
added 2009/03/18 12:0 a.m.25 views

SAP NetWeaver Application Server (UDDI client) XSS Vulnerability

Application: SAP NetWeaver Application Server Java Versions Affected: Version 7.0 Vendor URL: Bugs: XSS Exploits: YES Reported: 18.03.2009 Vendor response: 19.03.2009 Date of Public Advisory: 11.08.2009 Reference: SAP Security Note 1322098 Author: Alexandr Polyakov Description SAP NetWeaver...

6.2AI score
Exploits0
erpscan
erpscan
added 2008/11/20 12:0 a.m.25 views

SAP SAPDB (WEB DBM) XSS Vulnerability

Application: SAPDB Versions Affected: Last Vendor URL: Bugs: XSS Exploits: YES Reported: 20.11.2008 Vendor response: 20.11.2008 Date of Public Advisory: 31.03.2009 Description SAP MaxDB Web Database engine which listens port 9999 has a Linked XSS security vulnerability. Business Risk An attacker...

6.3AI score
Exploits0
erpscan
erpscan
added 2012/10/02 12:0 a.m.24 views

SAP NetWeaver SDM - authentication bypass

Application: SAP NetWeaver SDM Versions Affected: SAP NetWeaver SDM Vendor URL: http://www.sap.com Bugs: Auth Bypass Exploits: YES Reported: 10.02.2012 Vendor response: 11.02.2012 Date of Public Advisory: 10.10.2012 Reference: SAP Security Note 1724516 Authors: Alexander Polyakov ERPScan...

1.3AI score
Exploits0
erpscan
erpscan
added 2012/10/02 12:0 a.m.24 views

SAP NetWeaver Mobile - XSS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: XSS Exploits: no Reported: 10.02.2012 Vendor response: 10.03.2012 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1669031 Author: Alexander Polyakov ERPScan Description SAP NetWeaver...

6.5AI score
Exploits0
erpscan
erpscan
added 2012/09/25 12:0 a.m.24 views

SAP NetWeaver HTTP - Partial HTTP POST requests DoS

Application: SAP Versions Affected: SAP Netweaver 7.02/7.3, probably others Vendor URL: http://www.sap.com Bugs: Denial of Service Exploits: YES Reported: 25.09.2012 Vendor response: 26.09.2012 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 1986725 Author: Alexey Tyurin ERPScan...

0.4AI score
Exploits0
erpscan
erpscan
added 2012/09/25 12:0 a.m.24 views

SAP NetWeaver Management Console (gSOAP) - Partial HTTP POST requests DoS

Application: SAP Versions Affected: SAP Netweaver 7.02/7.3, probably others Vendor URL: http://www.sap.com Bugs: Denial of Service Exploits: YES Reported: 25.09.2012 Vendor response: 26.09.2012 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 1986725 Author: Igor Ilyin, Alexey...

0.5AI score
Exploits0
erpscan
erpscan
added 2012/07/13 12:0 a.m.24 views

SAP NetWeaver DIR error - XSS

Application: SAP NetWeaver Integration Repository Versions Affected: SAP NetWeaver Integration Repository Vendor URL: http://www.sap.com Bugs: XSS Reported: 13.07.2012 Vendor response: 14.07.2012 Date of Public Advisory: 25.01.2014 Reference: SAP Security Note 1788080 CVSS:...

0.2AI score
Exploits0
erpscan
erpscan
added 2011/03/21 12:0 a.m.24 views

SAP XI - authentication bypass

Application: SAP NetWeaver XI Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Security Bypass Exploits: YES Reported: 21.03.2011 Vendor response: 22.03.2011 Date of Public Advisory: 11.09.2012 Reference: SAP Security Note 1707494 Authors: Alexander Polyakov, Alexey Tyurin,...

0.2AI score
Exploits0
erpscan
erpscan
added 2007/12/18 12:0 a.m.24 views

Oracle Database 10g — Code Execution and SQL injection

Application: Oracle Database Versions Affected: Oracle Database 10g R1 Vendor URL: Bugs: SQL Injection,Buffer Owerflov Exploits: YES Reported: 18.12.2007 Vendor response: 20.12.2007 Date of Public Advisory: 16.01.2008 Author: Alexandr Polyakov Description Buffer overflow in...

2.9AI score
Exploits0
erpscan
erpscan
added 2013/10/07 12:0 a.m.23 views

SAP NetWeaver Message Server – DoS

Application: SAP NetWeaver Message Server Versions Affected: SAP KERNEL 7.20 32BIT Vendor URL: http://www.sap.com Bugs: Improper Input Validation Exploits: PoC Reported: 10.07.2013 Vendor response: 11.07.2013 Date of Public Advisory: 25.01.2014 Reference: SAP Security Note 1773912 Author: George...

0.5AI score
Exploits0
erpscan
erpscan
added 2012/10/02 12:0 a.m.23 views

SAP NetWeaver SDM Admin - DoS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Information Disclosure Exploits: YES Reported: 10.02.2012 Vendor response: 11.02.2012 Date of Public Advisory: 10.10.2012 Reference: SAP Security Note 1724516 Authors: Alexander Polyakov ERPScan...

0.7AI score
Exploits0
erpscan
erpscan
added 2012/09/25 12:0 a.m.23 views

SAP NetWeaver J2EE Engine - Partial HTTP POST requests DoS

Application: SAP Versions Affected: SAP Netweaver 7.02/7.3, probably others Vendor URL: http://www.sap.com Bugs: Denial of Service Exploits: YES Reported: 25.09.2012 Vendor response: 26.09.2012 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 1986725 Author: Igor Ilyin, Alexey...

0.6AI score
Exploits0
erpscan
erpscan
added 2011/12/03 12:0 a.m.23 views

SAP NetWeaver SOAP RFC - CSRF

Application: SAP BASIS Vendor URL: http://www.sap.com Bugs: CSRF Exploits: YES Reported: 12.03.2011 Vendor response:13.03.2011 Date of SAP Security Note published: 14.08.2012 Date of Public Advisory:13.11.2012 Reference: SAP Security Note 1728500 Author: Alexey Tyurin ERPScan Description It is...

Exploits0
erpscan
erpscan
added 2011/08/04 12:0 a.m.23 views

SAP NetWeaver Internet Sales-Multiple XSS - 2

Application: SAP NetWeaver Vendor URL: Bugs: XSS Risk: Medium Exploits: YES Reported: 08.04.2011 Vendor response: 10.04.2011 Patched: 13.11.2011 Date of Public Advisory: 13.03.2012 Reference: SAP Security Note 1584030 Author: Dmitriy Chastuchin ERPScan Description SAP NetWeaver Internet...

6.1AI score
Exploits0
erpscan
erpscan
added 2011/07/12 12:0 a.m.23 views

SAP Netweaver CCMS - XML External Entity

Application: SAP NetWeaver ABAP Versions Affected: SAP NetWeaver ABAP Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 07.12.2011 Vendor response: 08.12.2011 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1715040 Authors: Alexey Tyurin ERPScan...

0.7AI score
Exploits0
erpscan
erpscan
added 2011/05/13 12:0 a.m.23 views

SAP Netweaver ABAP - XML External Entity

Application: SAP NetWeaver ABAP Vendor URL: Bugs: XXE, Unauthorized access Risk: High Exploits: YES Reported: 13.05.2011 Vendor response: 17.05.2011 Patched: 13.11.2011 Date of Public Advisory: 13.03.2012 Reference: SAP Security Note 1594475 Author: Alexey Tyurin ERPScan Description SAP Netweaver...

0.7AI score
Exploits0
erpscan
erpscan
added 2010/06/08 12:0 a.m.23 views

SAP NetWeaver Workflow Modeler - Multiple XSS

Application: SAP NetWeaver Workflow Modeler Versions Affected: SAP NetWeaver NW2004s SP6 Workflow Modeler Vendor URL: http://www.sap.com Bugs: XSS Exploits: YES Reported: 06.08.2010 Vendor response: 07.08.2010 Date of Public Advisory: 12.02.2014 Reference: SAP Security Note 1860923 Author:...

0.3AI score
Exploits0
erpscan
erpscan
added 2010/06/08 12:0 a.m.23 views

SAP Crystal Reports 2008 — Multiple XSS

Application: SAP Crystal Report Server 2008 Versions Affected: AP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Linked XSS Vulnerability Exploits: YES Reported: 06.08.2010 Vendor response: 07.08.2010 Date of Public Advisory: 09.03.2011 Author: Dmitriy Chastuhin Description...

6.3AI score
Exploits0
erpscan
erpscan
added 2010/03/22 12:0 a.m.23 views

Oracle Document Capture Actbar2.ocx — Insecure Method

Application: Oracle Document Capture Versions Affected: Release 10gR3 Vendor URL: www.oracle.com Bugs: Insecure method, File overwriting Exploits: YES Reported: 22.03.2010 Vendor response: 31.03.2010 Date of Public Advisory: 24.01.2011 Author: Evdokimov Dmitriy Description ActiveX components...

1.5AI score
Exploits0
erpscan
erpscan
added 2012/12/03 12:0 a.m.22 views

SAP NetWeaver MMC - CSRF

Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: CSRF Exploits: YES Reported: 12.03.2012 Vendor response:13.03.2012 Date of Public Advisory:13.11.2012 Reference: SAP Security Note 1734986 Author: Alexey Tyurin ERPScan Description It is possible to execute commands in SAP system via...

0.2AI score
Exploits0
erpscan
erpscan
added 2011/09/12 12:0 a.m.22 views

SAP NetWeaver Business Communication Broker - multiple XSS

Application: SAP NetWeaver Vendor URL: Bugs: Multiple XSS Risk: High Exploits: YES Reported: 09.12.2011 Vendor response: 10.12.2011 Date of Public Advisory: 20.01.2012 Reference: SAP Security Note 1585652 Description SAP NetWeaver Business Communication Broker has multiple linked XSS vulnerabilie...

6.1AI score
Exploits0
erpscan
erpscan
added 2011/07/30 12:0 a.m.22 views

SAP NetWeaver servlet DataCollector - Multiple XSS

Application: SAP NetWeaver DataCollector Versions Affected: SAP NetWeaver DataCollector Vendor URL: Bugs: XSS E xploits: YES Reported: 30.07.2011 Vendor response: 02.08.2011 Date of Public Advisory: 30.10.2013 Reference: SAP Security Note 1828801 CVSS: AV:N/AC:L/AU:S/C:C/I:N/A:N 6.8 Author: Dmitr...

Exploits0
erpscan
erpscan
added 2011/05/13 12:0 a.m.22 views

SAP NetWeaver Mobile Infrastructure Web Console - XSS

Application: SAP NetWeaver 7.0 Versions Affected: SAP NetWeaver Mobile Infrastructure Web Console Vendor URL: http://www.sap.com Bugs: XSS Exploits: YES Reported: 13.05.2011 Vendor response: 15.05.2011 Date of Public Advisory: 30.06.2012 Reference: SAP Security Note 1590866 Author: Dmitriy...

6.1AI score
Exploits0
erpscan
erpscan
added 2011/02/15 12:0 a.m.22 views

SAP NetWeaver RWB - unauthorized access

Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs:Auth bypass Exploits: YES Reported: 15.02.2011 Vendor response:16.02.2011 Date of Public Advisory:20.01.2011 Author:Alexandr Polyakov Description Unauthorized access is possible to some Runtime Workben...

0.9AI score
Exploits0
erpscan
erpscan
added 2010/11/05 12:0 a.m.22 views

SAP NetWeaver JavaMailExamples - XSS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver JavaMailExamples Vendor URL: http://www.sap.com Bugs:XSS Exploits: YES Reported: 11.05.2010 Vendor response: 12.05.2010 Date of Public Advisory: 19.08.2011 Author: Dmitriy Evdokimov Description SAP Netweaver JavaMailExamples has linked X...

6.1AI score
Exploits0
erpscan
erpscan
added 2010/02/15 12:0 a.m.22 views

SAP NetWeaver MMR — Denail of Service

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.0 metamodel repository Vendor URL: Bugs: Denial of service Exploits: YES Reported: 15.02.2010 Vendor response: 15.02.2010 Date of Public Advisory: 09.11.2010 Author: Alexandr Polyakov Description SAP Netweaver Metamodel Repository can ...

1.9AI score
Exploits0
erpscan
erpscan
added 2016/01/11 12:0 a.m.21 views

SAP AS Java XSS in Enterprise Portal

Application: SAP NetWeaver AS Java Vendor URL: SAP Bugs: XSS Reported: 01.11.2016 Vendor response: 02.11.2016 Date of Public Advisory: 09.05.2017 Reference: SAP Security Note 2412897 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS Impact: Account hijacking Remotely...

5.9AI score
Exploits0
erpscan
erpscan
added 2016/01/02 12:0 a.m.21 views

SAP Adaptive Server Enterprise - DoS vulnerability

Application: SAP Adaptive Server Enterprise Versions Affected: SAP Adaptive Server Enterprise 16 Vendor URL: SAP Bug: Denial of Service Reported: 01.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2330839 Author: Vahgan Vardanyan ERPScan...

0.7AI score
Exploits0
erpscan
erpscan
added 2014/09/04 12:0 a.m.21 views

SAP HANA Application Lifecycle manager - CSRF token bypass (Verb tampering)

Application: SAP HANA Versions Affected: 1.00.60.379371 Vendor URL: http://www.sap.com Bugs: CSRF token bypass Verb tampering Reported: 09.04.2014 Vendor response: 10.04.2014 Date of Public Advisory: 21.08.2014 Reference: SAP Security Note 2011169 Author: Dmitry Chastukhin ERPScan Description It ...

0.6AI score
Exploits0
erpscan
erpscan
added 2012/09/25 12:0 a.m.21 views

SAP NetWeaver J2EE Engine - Partial HTTP requests DoS

Application: SAP Versions Affected: SAP Netweaver 7.02/7.3, probably others Vendor URL: http://www.sap.com Bugs: Denial of Service Exploits: YES Reported: 25.09.2012 Vendor response: 26.09.2012 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 1986725 Author: Igor Ilyin, Alexey...

0.5AI score
Exploits0
erpscan
erpscan
added 2012/07/13 12:0 a.m.22 views

SAP GRMGApp - XXE and authentication bypass

Application: SAP NetWeaver J2EE Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Security Bypass, XXE Exploits: YES Reported: 13.07.2012 Vendor response: 14.07.2012 Date of SAP Security Note Published: 08.01.2013 Date of Public Advisory: 28.01.2013 Reference: SAP Security Not...

0.9AI score
Exploits0
erpscan
erpscan
added 2011/07/12 12:0 a.m.21 views

SAP NetWeaver Solution Manager - Missing Authorization Check & Information Disclosure

Application: SAP NetWeaver Solution Manager Versions Affected: SAP NetWeaver Solution Manager Vendor URL: http://www.sap.com Bugs: Missing Authorization Check & Information Disclosure Reported: 07.12.2011 Vendor response: 08.12.2011 Date of Public Advisory: 25.01.2014 Reference: SAP Security Note...

0.3AI score
Exploits0
Total number of security vulnerabilities291