Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business one 9.3 vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2021-27616
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an malicious user to exploit an insecure temporary backup path and to access information which would otherwise be restri...
Sap Business One 9.2
Sap Business One 9.3
Sap Business One 10.0
Sap Business One 9.1
Sap Business One 9.0
Sap Business One 8.82
Sap Business-one-hana-chef-cookbook 0.1.7
Sap Business-one-hana-chef-cookbook 0.1.19
Sap Business-one-hana-chef-cookbook 0.1.6
320
VMScore
CVE-2021-27614
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereb...
Sap Business One 9.2
Sap Business One 9.3
Sap Business One 10.0
Sap Business One 9.1
Sap Business One 9.0
Sap Business One 8.82
Sap Business-one-hana-chef-cookbook 0.1.7
Sap Business-one-hana-chef-cookbook 0.1.19
Sap Business-one-hana-chef-cookbook 0.1.6
409
VMScore
CVE-2021-27613
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an malicious user to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restr...
Sap Chef Business-one-cookbook 0.1.9
187
VMScore
CVE-2020-6239
Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure.
Sap Business One 9.3
Sap Business One 10.0
187
VMScore
CVE-2019-0353
Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), prior to 9.2 and 9.3, allows an malicious user to access information which would otherwise be restricted.
Sap Business One Client 9.3
Sap Business One Client 9.2
383
VMScore
CVE-2018-2502
TRACE method is enabled in SAP Business One Service Layer . Attacker can use XST (Cross Site Tracing) attack if frontend applications that are using Service Layer has a XSS vulnerability. This has been fixed in SAP Business One Service Layer (B1_ON_HANA, versions 9.2, 9.3).
Sap Business One On Hana 9.2
Sap Business One On Hana 9.3
445
VMScore
CVE-2018-2458
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an malicious user to access information which would otherwise be restricted.
Sap Business One 9.2
Sap Business One 9.3
187
VMScore
CVE-2018-2425
Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an malicious user to access information which would otherwise be restricted.
Sap Business One 9.3
Sap Business One 9.2
312
VMScore
CVE-2018-2410
SAP Business One, 9.2, 9.3, browser access does not sufficiently encode user controlled inputs, which results in a Cross-Site Scripting (XSS) vulnerability.
Sap Business One 9.2
Sap Business One 9.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started