 |
|
|
|
| SAP NetWeaver multiple security vulnerabilities | | Published: |  | 20.11.2011 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 12044 | | Type: |  | remote | | Level: |  | 8/10 | | Description: |  | Authentication bypass, crosste scripting, code injection, information leakage. |
| Original document |  | Alexandr Polyakov, [DSECRG-11-038] SAP RSTXSCRP report - smb relay vulnerability (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-037] SAP BW Doc - Multiple XSS (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-031] SAP RFC EPS_DELETE_FILE - Authorisation bypass, smbrelay (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-034] SAP NetWeaver J2EE MeSync – information disclose (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-036] SAP NetWaver Virus Scan Interface - multiple XSS (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-039] SAP NetWeaver TH_GREP module - Code injection vulnerability (NEW) (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-040] SAP NetWeaver SPML - XML CSRF user creation (20.11.2011) |
| | | Alexandr Polyakov, [DSECRG-11-041] SAP NetWeaver - Authentication bypass (Verb Tampering) (20.11.2011) |
|
|
|
|
|
|
|
|
