Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netweaver abap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41214
Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is otherwise restricted. On successful exploitation an attacker can completely compr...
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 804
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 789
4.3
CVSSv2
CVE-2020-26835
SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does not sufficiently encode URL which allows an malicious user to input malicious java script in the URL which could be executed in the browser resulting in Reflected Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 752
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 751
NA
CVE-2023-24522
Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended dat...
Sap Netweaver Application Server Abap 702
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 701
4.6
CVSSv2
CVE-2021-27611
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged malicious user to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data, overwrite them, or execute a de...
Sap Netweaver Application Server Abap 702
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 730
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 701
NA
CVE-2022-41215
SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated malicious user to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 789
NA
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user.
Sap Netweaver Application Server Abap Kernel 7.77
Sap Netweaver Application Server Abap 7.81
Sap Netweaver Application Server Abap 7.85
Sap Netweaver Application Server Abap 7.89
Sap Netweaver Application Server Abap 7.54
4.3
CVSSv2
CVE-2022-27656
The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver As Abap Krnl64uc 8.04
Sap Netweaver As Abap Krnl64uc 7.22ext
Sap Netweaver As Abap Krnl64uc 7.49
Sap Netweaver As Abap Krnl64uc 7.53
Sap Netweaver As Abap Krnl64uc 7.22
Sap Netweaver As Abap Kernel 7.22
Sap Netweaver As Abap Kernel 8.04
Sap Netweaver As Abap Kernel 7.49
Sap Netweaver As Abap Kernel 7.53
Sap Netweaver As Abap Kernel 7.77
Sap Netweaver As Abap Kernel 7.81
Sap Netweaver As Abap Kernel 7.85
Sap Netweaver As Abap Kernel 7.86
Sap Netweaver As Abap Kernel 7.87
Sap Webdispatcher 7.49
Sap Webdispatcher 7.53
Sap Webdispatcher 7.77
Sap Webdispatcher 7.81
Sap Webdispatcher 7.83
Sap Webdispatcher 7.85
Sap Webdispatcher 7.22ext
4
CVSSv2
CVE-2020-6299
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.
Sap Abap Platform 751
Sap Abap Platform 753
Sap Abap Platform 755
Sap Abap Platform 740
Sap Abap Platform 750
Sap Abap Platform 754
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 751
Sap Netweaver Application Server Abap 755
NA
CVE-2023-49581
SAP GUI for Windows and SAP GUI for Java allow an unauthenticated malicious user to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated malicious user to write data to a database table. By doing so th...
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 750
3.5
CVSSv2
CVE-2022-29610
SAP NetWeaver Application Server ABAP allows an authenticated malicious user to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 755
Sap Netweaver Application Server Abap 756
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »