Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects 4.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-0251
The Fiori Launchpad of SAP BusinessObjects, prior to 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
7.5
CVSSv2
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an malicious user to upload any file (including script files) without proper file format validation.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
6.8
CVSSv2
CVE-2019-0287
Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
5.8
CVSSv2
CVE-2019-0289
Under certain conditions SAP BusinessObjects Business Intelligence platform (Analysis for OLAP), versions 4.2 and 4.3, allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects 4.2
Sap Businessobjects 4.3
4.3
CVSSv2
CVE-2019-0303
SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an malicious user to build a special url that exe...
Sap Businessobjects 4.2
Sap Businessobjects 4.3
5.5
CVSSv2
CVE-2019-0268
SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an XML document accepted from an untrusted source.
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
4.3
CVSSv2
CVE-2019-0326
SAP BusinessObjects Business Intelligence Platform (BI Workspace) (Enterprise), versions 4.1, 4.2, 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
5
CVSSv2
CVE-2019-0331
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an malicious user to access sensitive data such as directory structure, leading to Information Disclosure.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
4.9
CVSSv2
CVE-2019-0334
When creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker coul...
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
4.3
CVSSv2
CVE-2019-0335
Under certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Console), versions 4.1, 4.2, 4.3, allows an malicious user to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor i...
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »