Netweaver@7.30 Security Vulnerabilities and Issues — Netweaver@7.30 CVE List

Lucene search

SapNetweaver7.30

6 matches found

CVE•added 2013/11/20 2:12 p.m.•90 views

CVE-2013-6815

The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.

5CVSS6.9AI score0.00704EPSS

CVE•added 2013/10/24 12:55 a.m.•66 views

CVE-2013-6244

The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to ...

5CVSS7AI score0.00718EPSS

CVE•added 2013/11/23 7:55 p.m.•37 views

CVE-2013-6869

SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.6AI score0.00458EPSS

CVE•added 2013/12/13 8:8 p.m.•36 views

CVE-2013-7094

SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.6AI score0.00706EPSS

CVE•added 2013/09/16 7:14 p.m.•33 views

CVE-2013-5751

Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

5CVSS6.9AI score0.00504EPSS

CVE•added 2013/09/12 1:31 p.m.•31 views

CVE-2013-5723

SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."

7.5CVSS8.7AI score0.00791EPSS