Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap enterprise portal 7.50 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-35225
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
4.3
CVSSv2
CVE-2022-24395
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.10
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
4.3
CVSSv2
CVE-2022-35170
SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to li...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
4.3
CVSSv2
CVE-2022-35172
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
Sap Netweaver Enterprise Portal 7.10
NA
CVE-2023-26461
SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows th...
Sap Netweaver Enterprise Portal 7.50
NA
CVE-2022-35298
SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. KMC servlet is vulnerable to XSS attack. The execution of script content by a victim registered on the portal could compromi...
Sap Netweaver Enterprise Portal 7.50
NA
CVE-2023-28761
In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and int...
Sap Netweaver Enterprise Portal 7.50
5.8
CVSSv2
CVE-2021-33705
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated malicious user to craft a malicious URL which when clicked by a user can make any typ...
Sap Netweaver Portal 7.10
Sap Netweaver Portal 7.11
Sap Netweaver Portal 7.20
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.50
4.3
CVSSv2
CVE-2017-10701
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote malicious users to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.
Sap Enterprise Portal
5.8
CVSSv2
CVE-2021-33707
SAP NetWeaver Knowledge Management allows remote malicious users to redirect users to arbitrary websites and conduct phishing attacks via a URL stored in a component. This could enable the malicious user to compromise the user's confidentiality and integrity.
Sap Netweaver Knowledge Management 7.30
Sap Netweaver Knowledge Management 7.31
Sap Netweaver Knowledge Management 7.40
Sap Netweaver Knowledge Management 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »