Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects business intelligence 4.0 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2019-0396
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will no...
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
5.4
CVSSv3
CVE-2019-0375
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), prior to 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the export dialog box of the report name resulting in reflected Cross-Site Scripting.
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
5.4
CVSSv3
CVE-2019-0376
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), prior to 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows an malicious user to save malicious scripts in the publication name, which can be executed later by the victi...
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
5.4
CVSSv3
CVE-2019-0377
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), prior to 4.2, does not sufficiently encode user-controlled inputs and allows an malicious user to store malicious scripts in the input controls, resulting in Stored Cross-Site Scripting.
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
5.4
CVSSv3
CVE-2019-0374
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), prior to 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Businessobjects Business Intelligence Platform 4.0
5.4
CVSSv3
CVE-2019-0378
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before version 4.2, does not sufficiently encode user-controlled inputs and allows an malicious user to store malicious scripts in the file name of the background image resulting in Stored Cross...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.0
8.8
CVSSv3
CVE-2018-2442
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.0
Sap Internet Graphics Server 7.45
Sap Internet Graphics Server 7.53
Sap Internet Graphics Server 7.20
Sap Internet Graphics Server 7.20ext
Sap Internet Graphics Server 7.49
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started