2 matches found
CVE-2014-8315
CVE-2014-8315 affects polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882. The issue is a timing-based side-channel that allows remote attackers to perform port scanning via a host name and port provided in the cms parameter. Connected records confirm the product/version and the des...
CVE-2014-8316
CVE-2014-8316 is an XML External Entity (XXE) vulnerability in SAP BusinessObjects Explorer 14.0.5 build 882, affecting polestar_xml.jsp. The issue enables remote attackers to read arbitrary files through the xmlParameter parameter in an explorationSpaceUpdate request, implying potential partial ...