Netweaver@7.0 Security Vulnerabilities and Issues — Netweaver@7.0 CVE List

Lucene search

SapNetweaver7.0

5 matches found

CVE•added 2013/11/20 2:12 p.m.•90 views

CVE-2013-6815

The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.

5CVSS6.9AI score0.00704EPSS

CVE•added 2013/02/12 8:55 p.m.•66 views

CVE-2011-5263

Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter.

4.3CVSS5.9AI score0.00475EPSS

CVE•added 2013/10/24 12:55 a.m.•66 views

CVE-2013-6244

The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to ...

5CVSS7AI score0.00718EPSS

CVE•added 2013/02/12 8:55 p.m.•38 views

CVE-2011-5260

Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter.

4.3CVSS5.9AI score0.00285EPSS

CVE•added 2013/09/16 7:14 p.m.•33 views

CVE-2013-5751

Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

5CVSS6.9AI score0.00504EPSS