Netweaver@4.0 Security Vulnerabilities and Issues — Netweaver@4.0 CVE List

Lucene search

SapNetweaver4.0

4 matches found

CVE•added 2013/11/20 2:12 p.m.•90 views

CVE-2013-6815

The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.

5CVSS6.9AI score0.00704EPSS

CVE•added 2013/10/24 12:55 a.m.•66 views

CVE-2013-6244

The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to ...

5CVSS7AI score0.00718EPSS

CVE•added 2010/04/29 5:30 p.m.•41 views

CVE-2010-1609

Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00309EPSS

CVE•added 2013/02/12 8:55 p.m.•38 views

CVE-2011-5260

Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter.

4.3CVSS5.9AI score0.00285EPSS