Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-5263
Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the server parameter.
Sap Netweaver 7.0
Sap Netweaver 7.10
Sap Netweaver
Sap Netweaver 7.02
Sap Netweaver 7.01
4.3
CVSSv2
CVE-2012-1290
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote malicious users to inject arbitrary web script or HTML via the _loadPage parameter.
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2010-2904
Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 up to and including 7.02 in SAP NetWeaver allow remote malicious users to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring ...
Sap System Landscape Directory 6.4
Sap System Landscape Directory 7.0
Sap System Landscape Directory 7.02
Sap Netweaver
Sap Netweaver 6.4
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2010-1609
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Netweaver 7.0
Sap Netweaver 4.0
4.3
CVSSv2
CVE-2009-2932
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote malicious users to inject arbitrary web script or HTML via the TModel Key field.
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2008-1846
The default configuration of SAP NetWeaver prior to 7.0 SP15 does not enable the "Always Use Secure HTML Editor" (aka Editor Security or Secure Editing) parameter, which allows remote malicious users to conduct cross-site scripting (XSS) attacks by entering feedback for...
Sap Netweaver
4
CVSSv2
CVE-2012-1289
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/...
Sap Netweaver 7.0
NA
CVE-2012-25143
Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead t...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4