|
202231
|
7.2 |
HIGH
Network
|
wago
|
pfc200_firmware
|
An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). A specially crafted series of HTTP requests can cause code execution r…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-6090
|
2024-11-21 14:35 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202232
|
9.8 |
CRITICAL
Network
|
sap
|
netweaver_application_server_abap
|
SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, are vulnerable for Server Side Request Forgery Attack where in an attacker can use inappropriate path …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-6275
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202233
|
8.2 |
HIGH
Network
|
sap
|
solution_manager
|
SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and re…
|
CWE-91
Blind XPath Injection
|
CVE-2020-6271
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202234
|
6.5 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Au…
|
CWE-862
Missing Authorization
|
CVE-2020-6270
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202235
|
6.5 |
MEDIUM
Network
|
sap
|
businessobjects_business_intelligence_platform
|
Under certain conditions SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker to access information which would otherwise be restricted, leading to Information Disclos…
|
NVD-CWE-noinfo
|
CVE-2020-6269
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202236
|
8.1 |
HIGH
Network
|
sap
|
erp_\(s4core\)
erp_\(ea-finserv\)
|
Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV versions - 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) does not execute the required authori…
|
CWE-862
Missing Authorization
|
CVE-2020-6268
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202237
|
5.4 |
MEDIUM
Network
|
sap
|
fiori
|
SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL validation, leading to URL Redirection.
|
CWE-601
Open Redirect
|
CVE-2020-6266
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202238
|
7.5 |
HIGH
Network
|
sap
|
commerce
|
SAP Commerce, versions - 6.7, 1808, 1811, 1905, may allow an attacker to access information under certain conditions which would otherwise be restricted, leading to Information Disclosure.
|
NVD-CWE-noinfo
|
CVE-2020-6264
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202239
|
9.8 |
CRITICAL
Network
|
sap
|
netweaver_application_server_java
|
Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-6263
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202240
|
5.3 |
MEDIUM
Network
|
sap
|
solution_manager
|
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows add…
|
CWE-91
Blind XPath Injection
|
CVE-2020-6260
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
