Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects 3.2 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2010-0219
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote malicious users to execute arbitrary code by uploading a crafted web s...
Apache Axis2 1.3
Apache Axis2 1.4
Apache Axis2 1.5.2
Apache Axis2 1.6
Apache Axis2 1.5
Apache Axis2 1.4.1
Apache Axis2 1.5.1
Sap Businessobjects 3.2
3 EDB exploits
1 Github repository
445
VMScore
CVE-2010-3979
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote malicious users to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.
Sap Businessobjects 3.2
383
VMScore
CVE-2010-3981
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.
Sap Businessobjects 3.2
445
VMScore
CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an &...
Sap Businessobjects 3.2
801
VMScore
CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
Sap Businessobjects 3.2
356
VMScore
CVE-2010-3980
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.
Sap Businessobjects 3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started