Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.50 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-2477
Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.
Sap Netweaver 7.40
Sap Netweaver 7.31
Sap Netweaver 7.50
Sap Netweaver 7.30
9
CVSSv2
CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with ...
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Github repository
1 Article
6.5
CVSSv2
CVE-2018-2462
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.
Sap Netweaver 7.40
Sap Netweaver 7.41
Sap Netweaver 7.50
Sap Netweaver 7.30
Sap Netweaver 7.31
4.3
CVSSv2
CVE-2018-2464
SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver 7.31
Sap Netweaver 7.50
Sap Netweaver 7.30
Sap Netweaver 7.40
Sap Netweaver 7.20
4
CVSSv2
CVE-2022-28217
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system?s ...
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.20
Sap Netweaver 7.50
6.5
CVSSv2
CVE-2019-0351
A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including ...
Sap Netweaver 7.40
Sap Netweaver 7.10
Sap Netweaver 7.20
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.50
1 Article
3.5
CVSSv2
CVE-2020-6285
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an malicious user to access information which would otherwise be restricted, leading to Information Disclosure.
Sap Netweaver 7.10
Sap Netweaver 7.11
Sap Netweaver 7.20
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Article
6.4
CVSSv2
CVE-2020-6203
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed t...
Sap Netweaver 7.10
Sap Netweaver 7.11
Sap Netweaver 7.20
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
8.3
CVSSv2
CVE-2021-21481
The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized malicious user to access configuration objects, including such that grant administrative privileges. T...
Sap Netweaver 7.10
Sap Netweaver 7.11
Sap Netweaver 7.20
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Article
4.3
CVSSv2
CVE-2018-2365
SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »