Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

fabian hagg vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3
CVE-2020-6215
SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an malicious user to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL...
Sap Netweaver As Abap Business Server Pages 700Sap Netweaver As Abap Business Server Pages 701Sap Netweaver As Abap Business Server Pages 702Sap Netweaver As Abap Business Server Pages 730Sap Netweaver As Abap Business Server Pages 731Sap Netweaver As Abap Business Server Pages 740Sap Netweaver As Abap Business Server Pages 750Sap Netweaver As Abap Business Server Pages 751Sap Netweaver As Abap Business Server Pages 752Sap Netweaver As Abap Business Server Pages 753Sap Netweaver As Abap Business Server Pages 754
4.9
CVSSv3
CVE-2022-35295
In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves.
Sap Host Agent 7.22
9.8
CVSSv3
CVE-2022-27668
Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated malicious user to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, ...
Sap Netweaver As Abap Kernel 7.49Sap Netweaver As Abap Kernel 7.77Sap Netweaver As Abap Kernel 7.81Sap Netweaver As Abap Krnl64uc 7.49Sap Netweaver As Abap Krnl64nuc 7.49Sap Router 7.22Sap Router 7.53Sap Netweaver As Abap Kernel 7.85Sap Netweaver As Abap Kernel 7.86Sap Netweaver As Abap Kernel 7.87Sap Netweaver As Abap Kernel 7.88
8.8
CVSSv3
CVE-2021-21466
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged malicious user to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicio...
Sap Bw\\/4hana 200Sap Bw\\/4hana 100Sap Business Warehouse 701Sap Business Warehouse 702Sap Business Warehouse 731Sap Business Warehouse 740Sap Business Warehouse 750Sap Business Warehouse 782Sap Business Warehouse 700Sap Business Warehouse 730Sap Business Warehouse 711
6.5
CVSSv3
CVE-2021-21468
The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
Sap Business Warehouse 731Sap Business Warehouse 740Sap Business Warehouse 750Sap Business Warehouse 751Sap Business Warehouse 752Sap Business Warehouse 753Sap Business Warehouse 754Sap Business Warehouse 755Sap Business Warehouse 782Sap Business Warehouse 730Sap Business Warehouse 711Sap Business Warehouse 710
7.2
CVSSv3
CVE-2020-6318
A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40).Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products,...
Sap Abap Platform 700Sap Abap Platform 701Sap Abap Platform 702Sap Abap Platform 710Sap Abap Platform 711Sap Abap Platform 751Sap Abap Platform 753Sap Abap Platform 755Sap Abap Platform 740Sap Abap Platform 750Sap Abap Platform 754Sap Abap Platform 730Sap Abap Platform 731
9.9
CVSSv3
CVE-2021-21465
The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL in...
Sap Business Warehouse 731Sap Business Warehouse 740Sap Business Warehouse 750Sap Business Warehouse 751Sap Business Warehouse 752Sap Business Warehouse 753Sap Business Warehouse 754Sap Business Warehouse 755Sap Business Warehouse 782Sap Business Warehouse 730Sap Business Warehouse 710Sap Business Warehouse 711
6.3
CVSSv3
CVE-2021-21473
SAP NetWeaver AS ABAP and ABAP Platform, versions - 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, contains function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user thus allowing an unauthorized user to execute reports...
Sap Netweaver Application Server Abap 702Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 700Sap Netweaver Application Server Abap 710Sap Netweaver Application Server Abap 730Sap Netweaver Application Server Abap 731Sap Netweaver Application Server Abap 711Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751
7.2
CVSSv3
CVE-2020-26808
SAP AS ABAP(DMIS), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA(DMIS), versions - 101, 102, 103, 104, 105, allows an authenticated malicious user to inject arbitrary code into function module leading to code i...
Sap Sap S4 Hana\\(dmis\\) 101Sap Sap S4 Hana\\(dmis\\) 102Sap Sap S4 Hana\\(dmis\\) 103Sap Sap S4 Hana\\(dmis\\) 104Sap Sap S4 Hana\\(dmis\\) 105Sap Sap As Abap\\(dmis\\) 2011 1 620Sap Sap As Abap\\(dmis\\) 2011 1 640Sap Sap As Abap\\(dmis\\) 2011 1 700Sap Sap As Abap\\(dmis\\) 2011 1 710Sap Sap As Abap\\(dmis\\) 2011 1 730Sap Sap As Abap\\(dmis\\) 2011 1 731Sap Sap As Abap\\(dmis\\) 2011 1 752Sap Sap As Abap\\(dmis\\) 2020
6.5
CVSSv3
CVE-2021-33678
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged malicious user to inject code that can be executed by the application. An attacker ...
Sap Netweaver Application Server Abap 702Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 700Sap Netweaver Application Server Abap 710Sap Netweaver Application Server Abap 730Sap Netweaver Application Server Abap 731Sap Netweaver Application Server Abap 711Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 75aSap Netweaver Application Server Abap 75bSap Netweaver Application Server Abap 75cSap Netweaver Application Server Abap 75dSap Netweaver Application Server Abap 75eSap Netweaver Application Server Abap 701Sap Netweaver Application Server Abap 75f
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook