Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.02 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-2435
SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.50
6.6
CVSSv3
CVE-2018-2380
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
Sap Customer Relationship Management 7.33
Sap Customer Relationship Management 7.01
Sap Customer Relationship Management 7.02
Sap Customer Relationship Management 7.30
Sap Customer Relationship Management 7.31
Sap Customer Relationship Management 7.54
1 EDB exploit
1 Github repository
1 Article
8.8
CVSSv3
CVE-2018-2363
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially esc...
Sap Netweaver -
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.31
7.2
CVSSv3
CVE-2017-16682
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
Sap Netweaver Internet Transaction Server -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.30
4.7
CVSSv3
CVE-2017-16678
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an malicious user to manipulate the vulnerable application to send crafted requests on beh...
Sap Netweaver Knowledge Management Configuration Service -
Sap Epbc2
Sap Epbc
Sap Kmc-bc 7.30
Sap Kmc-bc 7.31
Sap Kmc-bc 7.40
Sap Kmc-bc 7.50
NA
CVE-2014-8591
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote malicious users to cause a denial of service (process termination) via unknown vectors.
Sap Netweaver 7.02
Sap Netweaver 7.30
NA
CVE-2014-8592
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote malicious users to cause a denial of service (process termination) via a crafted request.
Sap Netweaver 7.02
Sap Netweaver 7.30
NA
CVE-2014-3787
SAP NetWeaver 7.20 and previous versions allows remote malicious users to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
Sap Netweaver 7.02
Sap Netweaver 7.0
Sap Netweaver 7.01
Sap Netweaver
Sap Netweaver 7.10
Sap Netweaver 7.03
1 Article
NA
CVE-2014-1965
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 up to and including 7.02, and 7.10 up to and including 7.11 for SAP NetWeaver allows remote malicious users to inject arbitrary w...
Sap Netweaver 7.10
Sap Netweaver 3.0
Sap Netweaver 7.0
Sap Netweaver 7.01
Sap Netweaver 7.02
Sap Netweaver 7.11
NA
CVE-2013-6815
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and previous versions allows remote malicious users to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
Sap Netweaver 7.0
Sap Netweaver 7.02
Sap Netweaver 7.01
Sap Netweaver 4.0
Sap Netweaver
Sap Netweaver 7.30
Sap Netweaver 7.10
Sap Netweaver 7.03
Sap Netweaver 6.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »