Vulnerabilities > CVE-2006-0731 - Unspecified vulnerability in SAP Business Connector

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sap
exploit available
NVD
Published: 2006-02-16
Updated: 2024-11-21

Summary

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.

Vulnerable Configurations

Part Description Count
Application
Sap
1

Exploit-Db

  • descriptionSAP Business Connector 4.6/4.7 adapter-index.dsp url Variable Arbitrary Site Redirect. CVE-2006-0731. Remote exploit for linux platform
    idEDB-ID:27235
    last seen2016-02-03
    modified2006-02-15
    published2006-02-15
    reporterLeandro Meiners
    sourcehttps://www.exploit-db.com/download/27235/
    titleSAP Business Connector 4.6/4.7 adapter-index.dsp url Variable Arbitrary Site Redirect
  • descriptionSAP Business Connector 4.6/4.7 chopSAPLog.dsp fullName Variable Arbitrary File Disclosure. CVE-2006-0731. Remote exploit for linux platform
    idEDB-ID:27233
    last seen2016-02-03
    modified2006-02-15
    published2006-02-15
    reporterLeandro Meiners
    sourcehttps://www.exploit-db.com/download/27233/
    titleSAP Business Connector 4.6/4.7 chopSAPLog.dsp fullName Variable Arbitrary File Disclosure
  • descriptionSAP Business Connector 4.6/4.7 deleteSingle fullName Variable Arbitrary File Deletion. CVE-2006-0731. Remote exploit for linux platform
    idEDB-ID:27234
    last seen2016-02-03
    modified2006-02-15
    published2006-02-15
    reporterLeandro Meiners
    sourcehttps://www.exploit-db.com/download/27234/
    titleSAP Business Connector 4.6/4.7 deleteSingle fullName Variable Arbitrary File Deletion

References