CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7359
https://notcve.org/view.php?id=CVE-2013-7359
Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue. Vulnerabilidad no especificada en SAP Mobile Infrastructure permite a atacantes remotos obtener información sensible del puerto a través de vectores desconocidos, relacionado con un problema de "escaneo de puertos internos". • http://www.onapsis.com/get.php?resid=adv_onapsis-2013-009 http://www.onapsis.com/research-advisories.php •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-1964
https://notcve.org/view.php?id=CVE-2014-1964
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error. Vulnerabilidad de XSS en Integration Repository en el componente SAP Exchange Infrastructure (BC-XI) en SAP NetWeaver permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores relacionados con la aplicación ESR y un error DIR. • http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/56947 https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss https://exchange.xforce.ibmcloud.com/vulnerabilities/91095 https://service.sap.com/sap/support/notes/1788080 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2013-6820
https://notcve.org/view.php?id=CVE-2013-6820
Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors. Vulnerabilidad de subida de archivos sin restricción en el SAP NetWeaver Development Infrastructure (NWDI) permite a atacantes remotos ejecutar código arbitrario mediante la subida de un archivo con una extensión ejecutable a través de vectores no especificados. • http://scn.sap.com/docs/DOC-8218 https://erpscan.io/advisories/dsecrg-13-004-sap-netweaver-di-arbitrary-file-upload https://service.sap.com/sap/support/notes/1757675 •