Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Enable now'
2021-06-09
CVE-2021-27637
CWE-668
Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions - 1.0, 10 allows an attacker to access information which would otherwise be restricted leading to information disclosure.
2020-03-10
CVE-2020-6197
CWE-613
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables.
CVE-2020-6178
CWE-613
SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure.
2019-12-11
CVE-2019-0405
CWE-200
SAP Enable Now, before version 1911, leaks information about the existence of a particular user which can be used to construct a list of users, leading to a user enumeration vulnerability and Information Disclosure.
CVE-2019-0404
CWE-200
SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure.
CVE-2019-0403
CWE-20
SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection.
2019-11-13
CVE-2019-0385
CWE-79
SAP Enable Now, before version 1908, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
2019-08-14
CVE-2019-0341
CWE-20
The session cookie used by SAP Enable Now, version 1902, does not have the HttpOnly flag set. If an attacker runs script code in the context of the application, he could get access to the session cookie. The session cookie could then be abused to gain access to the application.
>>>
Vendor:
SAP
332
Produkty
Router
Application server
Sap r 3 web application server demo
Saposcol
E-commerce
Crystal reports
Sap db
Sap r 3
Sapgui
Adaptive server enterprise
Internet transaction server
Mysap business suite
Maxdb
Sap web application server
Business connector
Sapdba
Download manager
Infrastructure
Internet graphics server
Inventory manager
Saplpd
Sapsprint
Rfc library
Sap basis component 640
Sap basis component 700
Netweaver nw04
Netweaver nw04s
Enjoysap
Internet communication manager
Sap message server
Business objects
Sql anywhere
Netweaver
Web dynpro
Sap gui
Tabone
Commerce
Gateway
Crystal reports server
Sap kernel
Business one 2005-a
Businessobjects
J2ee engine core
Server core
System landscape directory
Netweaver business client
Netweaver abap
GUI
Production planning and control
Healthcare industry solution
Erp cental component
Basis communication services
Erp central component
Network interface router
Netweaver logviewer
Netweaver development infrastructure
Customer relationship management
Emr unwired
Netweaver solution manager
Netweaver exchange infrastructure (bc-xi)
Bi universal data integration
Ccms / database monitor
J2ee engine
Guided procedures archive monitor
Mobile infrastructure
Adminadapter
Cm services
Cms services
Ccms agent
Solution manager
Enterprise portal
Software deployment manager
Enhancement package
HANA
Print and output management
Business object processing framework for abap
Netweaver software lifecycle manager
Netweaver abap application server
Profile maintenance
Background processing
Netweaver java application server
Project system
Brazil
Web services tool
Computing center management system monitoring
Transaction data pool
Capacity leveling
Open hub service
Oil industry solution traders and schedulers workbench
Upgrade tools
Supplier relationship management
Hana extend application services
Netweaver business warehouse
Fi manager self-service
Businessobjects xi
Businessobjects explorer
Commoncryptolib
Sapcrytolib
Sapseculib
Environment health and safety
Zobacz wszystkie produkty dla producenta
SAP
Copyright
2024
, cxsecurity.com
Back to Top