Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-2513
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
5
CVSSv2
CVE-2012-2514
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
4
CVSSv2
CVE-2012-1289
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/...
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2012-1290
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote malicious users to inject arbitrary web script or HTML via the _loadPage parameter.
Sap Netweaver 7.0
5
CVSSv2
CVE-2012-1291
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote malicious users to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in...
Sap Netweaver 7.0
5
CVSSv2
CVE-2012-1292
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote malicious users to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors.
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2009-2932
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote malicious users to inject arbitrary web script or HTML via the TModel Key field.
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2018-2470
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
9
CVSSv2
CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with ...
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Github repository
1 Article
4.3
CVSSv2
CVE-2018-2435
SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal
Sap Netweaver Enterprise Portal 7.11
Sap Netweaver Enterprise Portal 7.20
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »