Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business one 9.2 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-27613
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an malicious user to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restr...
Sap Chef Business-one-cookbook 0.1.9
7.8
CVSSv3
CVE-2021-27616
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an malicious user to exploit an insecure temporary backup path and to access information which would otherwise be restri...
Sap Business One 9.2
Sap Business One 9.3
Sap Business One 10.0
Sap Business One 9.1
Sap Business One 9.0
Sap Business One 8.82
Sap Business-one-hana-chef-cookbook 0.1.7
Sap Business-one-hana-chef-cookbook 0.1.19
Sap Business-one-hana-chef-cookbook 0.1.6
7.5
CVSSv3
CVE-2018-2458
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an malicious user to access information which would otherwise be restricted.
Sap Business One 9.2
Sap Business One 9.3
7.1
CVSSv3
CVE-2021-27614
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereb...
6.1
CVSSv3
CVE-2018-2502
TRACE method is enabled in SAP Business One Service Layer . Attacker can use XST (Cross Site Tracing) attack if frontend applications that are using Service Layer has a XSS vulnerability. This has been fixed in SAP Business One Service Layer (B1_ON_HANA, versions 9.2, 9.3).
Sap Business One On Hana 9.2
Sap Business One On Hana 9.3
5.5
CVSSv3
CVE-2018-2425
Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an malicious user to access information which would otherwise be restricted.
Sap Business One 9.3
Sap Business One 9.2
5.4
CVSSv3
CVE-2018-2410
SAP Business One, 9.2, 9.3, browser access does not sufficiently encode user controlled inputs, which results in a Cross-Site Scripting (XSS) vulnerability.
Sap Business One 9.2
Sap Business One 9.3
3.3
CVSSv3
CVE-2019-0353
Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), prior to 9.2 and 9.3, allows an malicious user to access information which would otherwise be restricted.
Sap Business One Client 9.3
Sap Business One Client 9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started