Vulnerabilities > SAP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-11-06 | CVE-2014-8668 | SQL Injection vulnerability in SAP Contract Accounting SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2014-11-06 | CVE-2014-8667 | Cross-Site Scripting vulnerability in SAP Hana Web-Based Development Workbench Cross-site scripting (XSS) vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2014-11-06 | CVE-2014-8666 | Information Exposure vulnerability in SAP Business Intelligence Development Workbench The User & Server configuration, InfoView refresh, user rights (BI-BIP-ADM) component in SAP Business Intellignece allows remote attackers to obtain audit event details via unspecified vectors. | 5.0 |
| 2014-11-06 | CVE-2014-8665 | Information Exposure vulnerability in SAP Business Intelligence Development Workbench The SAP Business Intelligence Development Workbench allows remote attackers to obtain sensitive information by reading unspecified files. | 5.0 |
| 2014-11-06 | CVE-2014-8664 | SQL Injection vulnerability in SAP Environment Health and Safety SQL injection vulnerability in Product Safety (EHS-SAF) component in SAP Environment, Health, and Safety Management allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2014-11-06 | CVE-2014-8663 | SQL Injection vulnerability in SAP Netweaver Business Warehouse SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2014-11-06 | CVE-2014-8662 | Denial of Service vulnerability in SAP Payroll Process Unspecified vulnerability in SAP Payroll Process allows remote attackers to cause a denial of service via vectors related to session handling. | 7.8 |
| 2014-11-06 | CVE-2014-8661 | Code Injection vulnerability in SAP Customer Relationship Management Internet Sales The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors. | 10.0 |
| 2014-11-06 | CVE-2014-8660 | Code Injection vulnerability in SAP Document Management Services SAP Document Management Services allows local users to execute arbitrary commands via unspecified vectors. | 7.2 |
| 2014-11-06 | CVE-2014-8659 | Path Traversal vulnerability in SAP Environment Health and Safety Directory traversal vulnerability in SAP Environment, Health, and Safety allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |