Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap customer relationship management 7.02 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2013-7095
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
Sap Customer Relationship Management 7.02
655
VMScore
CVE-2018-2380
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
Sap Customer Relationship Management 7.33
Sap Customer Relationship Management 7.01
Sap Customer Relationship Management 7.02
Sap Customer Relationship Management 7.30
Sap Customer Relationship Management 7.31
Sap Customer Relationship Management 7.54
1 EDB exploit
1 Github repository
1 Article
445
VMScore
CVE-2014-1962
Gwsync in SAP CRM 7.02 EHP 2 allows remote malicious users to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
Sap Customer Relationship Management 7.02
312
VMScore
CVE-2019-0368
SAP Customer Relationship Management (Email Management), versions: S4CRM prior to 1.0 and 2.0, BBPCRM prior to 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail client resulting in Cross-Site Scripting vulnerability.
Sap Customer Relationship Management S4crm 1.0
Sap Customer Relationship Management S4crm 2.0
Sap Customer Relationship Management Bbpcrm 7.0
Sap Customer Relationship Management Bbpcrm 7.01
Sap Customer Relationship Management Bbpcrm 7.02
Sap Customer Relationship Management Bbpcrm 7.13
Sap Customer Relationship Management Bbpcrm 7.12
Sap Customer Relationship Management Bbpcrm 7.14
NA
CVE-2023-24525
SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of t...
Sap Customer Relationship Management Webclient Ui 7.01
Sap Customer Relationship Management Webclient Ui 7.31
Sap Customer Relationship Management Webclient Ui 7.48
Sap Customer Relationship Management Webclient Ui 8.00
Sap Customer Relationship Management Webclient Ui 8.01
Sap Customer Relationship Management Webclient Ui 7.00
Sap Customer Relationship Management Webclient Ui 7.02
Sap Customer Relationship Management Webclient Ui 7.40
Sap Customer Relationship Management Webclient Ui 7.50
Sap Customer Relationship Management Webclient Ui 7.52
Sap S4fnd 1.02
Sap S4fnd 1.03
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started