Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business one 10.0 vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2021-38180
SAP Business One - version 10.0, allows an malicious user to inject formulas when exporting data to Excel (CSV injection) due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim a...
Sap Business One 10.0
641
VMScore
CVE-2021-27616
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an malicious user to exploit an insecure temporary backup path and to access information which would otherwise be restri...
Sap Business One 9.2
Sap Business One 9.3
Sap Business One 10.0
Sap Business One 9.1
Sap Business One 9.0
Sap Business One 8.82
Sap Business-one-hana-chef-cookbook 0.1.7
Sap Business-one-hana-chef-cookbook 0.1.19
Sap Business-one-hana-chef-cookbook 0.1.6
580
VMScore
CVE-2021-33698
SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.
Sap Business One 10.0
578
VMScore
CVE-2022-31593
SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
Sap Business One 10.0
578
VMScore
CVE-2021-33704
The Service Layer of SAP Business One, version - 10.0, allows an authenticated malicious user to invoke certain functions that would otherwise be restricted to specific users. For an malicious user to discover the vulnerable function, no in-depth system knowledge is required. Onc...
Sap Business One 10.0
445
VMScore
CVE-2022-32249
Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials)
Sap Business One 10.0
445
VMScore
CVE-2022-28771
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated malicious user to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
Sap Business One License Service Api 10.0
445
VMScore
CVE-2022-35168
Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.
Sap Business One 10.0
445
VMScore
CVE-2021-33686
Under certain conditions, SAP Business One version - 10.0, allows an unauthorized malicious user to get access to some encrypted sensitive information, but does not have control over kind or degree.
Sap Business One 10.0
409
VMScore
CVE-2021-33700
SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take ...
Sap Business One 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »