Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sap netweaver enterprise portal 7.31 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2022-35227
A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote malicious user to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the malicious user to execute arbitrar...
Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50
2.6
CVSSv2
CVE-2021-33703
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability...
Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-24397
SAP NetWeaver Enterprise Portal - versions 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.This reflected cross-site scripting attack can be used to non-permanently deface or modify displ...
Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2020-6323
SAP NetWeaver Enterprise Portal (Fiori Framework Page) versions - 7.50, 7.31, 7.40, does not sufficiently encode user-controlled inputs and allows an attacker on a valid session to create an XSS that will be both reflected immediately and also be persisted and returned in further...
Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2018-2435
SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise PortalSap Netweaver Enterprise Portal 7.11Sap Netweaver Enterprise Portal 7.20Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-35170
SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.11Sap Netweaver Enterprise Portal 7.20Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50Sap Netweaver Enterprise Portal 7.10
4.3
CVSSv2
CVE-2022-35172
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.11Sap Netweaver Enterprise Portal 7.20Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50Sap Netweaver Enterprise Portal 7.10
4.3
CVSSv2
CVE-2022-35225
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.11Sap Netweaver Enterprise Portal 7.20Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50Sap Netweaver Enterprise Portal 7.10
4.3
CVSSv2
CVE-2022-32247
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker ...
Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.11Sap Netweaver Enterprise Portal 7.20Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50Sap Netweaver Enterprise Portal 7.10
2.6
CVSSv2
CVE-2021-33702
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode report data. An attacker can craft malicious data and print it to the report. In a successful attack, a victim opens the report, and the malici...
Sap Netweaver Enterprise Portal 7.10Sap Netweaver Enterprise Portal 7.11Sap Netweaver Enterprise Portal 7.20Sap Netweaver Enterprise Portal 7.30Sap Netweaver Enterprise Portal 7.31Sap Netweaver Enterprise Portal 7.40Sap Netweaver Enterprise Portal 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook