|
209711
|
8.8 |
HIGH
Network
|
sapplica
|
sentrifugo
|
In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26804
|
2024-11-21 14:20 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209712
|
8.8 |
HIGH
Network
|
sapplica
|
sentrifugo
|
In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious f…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26803
|
2024-11-21 14:20 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209713
|
10.0 |
CRITICAL
Network
|
sap
|
solution_manager
|
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-26824
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209714
|
8.8 |
HIGH
Network
|
tibco
|
iprocess_workspace_browser
|
The Core component of TIBCO Software Inc.'s TIBCO iProcess Workspace (Browser) contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a Cross Si…
|
CWE-352
Origin Validation Error
|
CVE-2020-27146
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209715
|
10.0 |
CRITICAL
Network
|
sap
|
solution_manager
|
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Serv…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-26823
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209716
|
10.0 |
CRITICAL
Network
|
sap
|
solution_manager
|
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-26822
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209717
|
10.0 |
CRITICAL
Network
|
sap
|
solution_manager
|
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-26821
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209718
|
7.2 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the f…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26820
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209719
|
8.8 |
HIGH
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, that allows them to read and delete database …
|
NVD-CWE-noinfo
|
CVE-2020-26819
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209720
|
8.8 |
HIGH
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, which reveals sensitive system information th…
|
CWE-862
Missing Authorization
|
CVE-2020-26818
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
