Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-2472
SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Bi Platform 4.2
Sap Businessobjects Bi Platform 4.1
383
VMScore
CVE-2018-2444
SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Financial Consolidation 10.1
Sap Businessobjects Financial Consolidation 10.0
383
VMScore
CVE-2018-2431
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence 4.10
Sap Businessobjects Business Intelligence 4.20
383
VMScore
CVE-2017-14516
Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Consolidation prior to 2017-06-13, aka SAP Security Note 2422292.
Sap Businessobjects Financial Consolidation -
383
VMScore
CVE-2017-6061
Cross-site scripting (XSS) vulnerability in the help component of SAP BusinessObjects Financial Consolidation 10.0.0.1933 allows remote malicious users to inject arbitrary web script or HTML via a GET request. /finance/help/en/frameset.htm is the URI for this component. The vendo...
Sap Businessobjects Financial Consolidation 10.0.0.1933
383
VMScore
CVE-2014-8308
Cross-site scripting (XSS) vulnerability in the Send to Inbox functionality in SAP BusinessObjects BI EDGE 4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Businessobjects 4.0
383
VMScore
CVE-2014-3134
Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Businessobjects -
383
VMScore
CVE-2010-3981
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.
Sap Businessobjects 3.2
383
VMScore
CVE-2008-1894
Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Java version before FixPack 3.5 allows remote malicious users to inject arbitrary web script or HTML via the cms parameter.
Businessobjects Infoview
Businessobjects Infoview Xi R2
383
VMScore
CVE-2004-2742
Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote malicious users to inject arbitrary web script or HTML via script in the URL to a report (RPT) file.
Businessobjects Crystal Enterprise 8.5
Businessobjects Crystal Enterprise 10
Businessobjects Crystal Enterprise 9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »