cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-41365,https://securityvulnerability.io/vulnerability/CVE-2023-41365,Information Disclosure vulnerability in SAP Business One (B1i),"SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. After successful exploitation, an attacker can cause limited impact on the confidentiality and no impact to the integrity and availability.",SAP,SAP Business One (b1i),4.3,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2023-10-10T02:15:00.000Z,0
CVE-2023-33993,https://securityvulnerability.io/vulnerability/CVE-2023-33993,SQL Injection vulnerability in SAP Business One B1i Layer,"The B1i module of SAP Business One version 10.0 is susceptible to SQL injection, allowing an authenticated user with in-depth knowledge of the application to execute crafted SQL queries over the network. This vulnerability can potentially be exploited to read or modify sensitive SQL data, resulting in significant risks to the confidentiality, integrity, and availability of the application. Organizations using this module should prioritize immediate updates and enhance their security measures to mitigate potential threats.",SAP,SAP Business One (b1i Layer),7.1,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2023-08-08T01:15:00.000Z,0