Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver portal 7.30 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-37531
SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, contains an XSLT vulnerability which allows a non-administrative authenticated malicious user to craft a malicious XSL stylesheet file containing a script with OS-level commands, copy it i...
Sap Netweaver Knowledge Management Xml Forms 7.11
Sap Netweaver Knowledge Management Xml Forms 7.30
Sap Netweaver Knowledge Management Xml Forms 7.31
Sap Netweaver Knowledge Management Xml Forms 7.40
Sap Netweaver Knowledge Management Xml Forms 7.50
Sap Netweaver Knowledge Management Xml Forms 7.10
8.1
CVSSv3
CVE-2021-33705
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated malicious user to craft a malicious URL which when clicked by a user can make any typ...
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.50
Sap Netweaver Portal 7.10
Sap Netweaver Portal 7.11
Sap Netweaver Portal 7.20
6.1
CVSSv3
CVE-2022-35225
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
6.1
CVSSv3
CVE-2022-35227
A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote malicious user to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the malicious user to execute arbitrar...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
6.1
CVSSv3
CVE-2022-32247
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker ...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
6.1
CVSSv3
CVE-2022-35170
SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
6.1
CVSSv3
CVE-2022-35172
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
6.1
CVSSv3
CVE-2022-26105
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network. On successful exploitation, an attacker ...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
6.1
CVSSv3
CVE-2022-24395
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
6.1
CVSSv3
CVE-2022-24397
SAP NetWeaver Enterprise Portal - versions 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.This reflected cross-site scripting attack can be used to non-permanently deface or modify displ...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »