Vulnerabilities > SAP > Business Connector > Medium

DATE CVE VULNERABILITY TITLE RISK
2006-02-16 CVE-2006-0732 Remote Arbitrary File Access And Deletion vulnerability in SAP Business Connector 4.6/4.7
Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle.
network
low complexity
sap
6.4
2006-02-16 CVE-2006-0731 Unspecified vulnerability in SAP Business Connector
WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.
network
high complexity
sap
4.0