• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-601

CVE-2022-41275

February 23, 2023 by godfreyd94

In SAP Solution Manager (Enterprise Search) – versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.

CVE-2022-41204

February 23, 2023 by godfreyd94

An attacker can change the content of an SAP Commerce – versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack accounts. A successful attack could compromise the Confidentiality, Integrity, and Availability of the system.

CVE-2022-41207

February 23, 2023 by godfreyd94

SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL. When clicked by an unsuspecting victim, it will use an unsensitized parameter to redirect the victim to a malicious site of the attacker’s choosing which can result in disclosure or modification of the victim’s information.

CVE-2022-41215

February 23, 2023 by godfreyd94

SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.

CVE-2022-40754

February 23, 2023 by godfreyd94

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver’s `/confirm` endpoint.

CVE-2022-40248

February 23, 2023 by godfreyd94

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the “Product Affected” field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 71
  • Go to page 72
  • Go to page 73
  • Go to page 74
  • Go to page 75
  • Interim pages omitted …
  • Go to page 92
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE