Vulnerabilities > SAP > Business Connector
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-16 | CVE-2006-0732 | Remote Arbitrary File Access And Deletion vulnerability in SAP Business Connector 4.6/4.7 Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. | 6.4 |
| 2006-02-16 | CVE-2006-0731 | Unspecified vulnerability in SAP Business Connector WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame. | 4.0 |