Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap customer relationship management 7.02 vulnerabilities and exploits
(subscribe to this query)
6.6
CVSSv3
CVE-2018-2380
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
Sap Customer Relationship Management 7.33
Sap Customer Relationship Management 7.01
Sap Customer Relationship Management 7.02
Sap Customer Relationship Management 7.30
Sap Customer Relationship Management 7.31
Sap Customer Relationship Management 7.54
1 EDB exploit
1 Github repository
1 Article
5.4
CVSSv3
CVE-2023-24525
SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of t...
Sap Customer Relationship Management Webclient Ui 7.01
Sap Customer Relationship Management Webclient Ui 7.31
Sap Customer Relationship Management Webclient Ui 7.48
Sap Customer Relationship Management Webclient Ui 8.00
Sap Customer Relationship Management Webclient Ui 8.01
Sap Customer Relationship Management Webclient Ui 7.00
Sap Customer Relationship Management Webclient Ui 7.02
Sap Customer Relationship Management Webclient Ui 7.40
Sap Customer Relationship Management Webclient Ui 7.50
Sap Customer Relationship Management Webclient Ui 7.52
Sap S4fnd 1.02
Sap S4fnd 1.03
5.4
CVSSv3
CVE-2019-0368
SAP Customer Relationship Management (Email Management), versions: S4CRM prior to 1.0 and 2.0, BBPCRM prior to 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail client resulting in Cross-Site Scripting vulnerability.
Sap Customer Relationship Management S4crm 1.0
Sap Customer Relationship Management S4crm 2.0
Sap Customer Relationship Management Bbpcrm 7.0
Sap Customer Relationship Management Bbpcrm 7.01
Sap Customer Relationship Management Bbpcrm 7.02
Sap Customer Relationship Management Bbpcrm 7.13
Sap Customer Relationship Management Bbpcrm 7.12
Sap Customer Relationship Management Bbpcrm 7.14
NA
CVE-2014-1962
Gwsync in SAP CRM 7.02 EHP 2 allows remote malicious users to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
Sap Customer Relationship Management 7.02
NA
CVE-2013-7095
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
Sap Customer Relationship Management 7.02
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started