SAP » Sap Web Application Server : Security Vulnerabilities, CVEs, Published In 2005 CVSS score >= 3

CVE-2005-3636

Cross-site scripting (XSS) vulnerability in SAP Web Application Server (WAS) 6.10 allows remote attackers to inject arbitrary web script or HTML via Error Pages.
Max CVSS
4.3
EPSS Score
2.09%
Published
2005-11-16
Updated
2017-07-11

CVE-2005-3635

Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Application Server (WAS) 6.10 through 7.00 allow remote attackers to inject arbitrary web script or HTML via (1) the sap-syscmd in sap-syscmd and (2) the BspApplication field in the SYSTEM PUBLIC test application.
Max CVSS
4.3
EPSS Score
1.59%
Published
2005-11-16
Updated
2017-07-11

CVE-2005-3634

frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
Max CVSS
5.0
EPSS Score
2.84%
Published
2005-11-16
Updated
2017-07-11

CVE-2005-3633

HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter.
Max CVSS
5.0
EPSS Score
0.97%
Published
2005-11-16
Updated
2017-07-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close