Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver portal 7.50 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-2365
SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.50
5.8
CVSSv2
CVE-2021-33705
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated malicious user to craft a malicious URL which when clicked by a user can make any typ...
Sap Netweaver Portal 7.10
Sap Netweaver Portal 7.11
Sap Netweaver Portal 7.20
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.50
4.3
CVSSv2
CVE-2020-6323
SAP NetWeaver Enterprise Portal (Fiori Framework Page) versions - 7.50, 7.31, 7.40, does not sufficiently encode user-controlled inputs and allows an attacker on a valid session to create an XSS that will be both reflected immediately and also be persisted and returned in further...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-35227
A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote malicious user to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the malicious user to execute arbitrar...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
2.6
CVSSv2
CVE-2021-33703
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability...
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-24397
SAP NetWeaver Enterprise Portal - versions 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.This reflected cross-site scripting attack can be used to non-permanently deface or modify displ...
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2018-2435
SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.50
3.5
CVSSv2
CVE-2021-21489
SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. This would allow an attacker with administrative privileges to store a malicious scri...
Sap Netweaver Enterprise Portal 7.10
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-24395
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.10
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-35170
SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »