Check CVE Id
Check CWE Id
'Businessobjects business intelligence'
SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database.
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability.
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user. Successful exploitation of this vulnerability may lead to advanced attacks, including: cross-site scripting and page hijacking.
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
Sap r 3 web application server demo
Sap r 3
Internet transaction server
Mysap business suite
Sap web application server
Internet graphics server
Sap basis component 640
Sap basis component 700
Internet communication manager
Sap message server
Crystal reports server
Business one 2005-a
J2ee engine core
System landscape directory
Netweaver business client
Production planning and control
Healthcare industry solution
Erp cental component
Basis communication services
Erp central component
Network interface router
Netweaver development infrastructure
Customer relationship management
Netweaver solution manager
Netweaver exchange infrastructure (bc-xi)
Bi universal data integration
Ccms / database monitor
Guided procedures archive monitor
Software deployment manager
Print and output management
Business object processing framework for abap
Netweaver software lifecycle manager
Netweaver abap application server
Netweaver java application server
Web services tool
Computing center management system monitoring
Transaction data pool
Open hub service
Oil industry solution traders and schedulers workbench
Supplier relationship management
Hana extend application services
Netweaver business warehouse
Fi manager self-service
Adaptive server enterprise
Environment health and safety
Document management services
Customer relationship management internet sales
Business intelligence development workbench
Hana web-based development workbench
Governance risk and compliance
See all Products for Vendor
Back to Top