cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-33664,https://securityvulnerability.io/vulnerability/CVE-2021-33664,,"SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP), versions - SAP_UI - 750,752,753,754,755, SAP_BASIS - 702, 731 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.",SAP,SAP Netweaver Application Server Abap (applications Based On Web Dynpro Abap),5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2021-06-09T13:32:50.000Z,0
CVE-2021-21491,https://securityvulnerability.io/vulnerability/CVE-2021-21491,,"SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.",SAP,SAP Netweaver Application Server Java (applications Based On Web Dynpro Java),4.7,MEDIUM,0.0008399999933317304,false,false,false,false,,false,false,2021-03-10T14:11:46.000Z,0
CVE-2021-21478,https://securityvulnerability.io/vulnerability/CVE-2021-21478,,SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.,SAP,SAP Netweaver As Abap (web Dynpro Abap),4.7,MEDIUM,0.0008399999933317304,false,false,false,false,,false,false,2021-02-09T20:44:40.000Z,0
CVE-2020-26818,https://securityvulnerability.io/vulnerability/CVE-2020-26818,,"SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, which reveals sensitive system information that would otherwise be restricted to highly privileged users because of missing authorization, resulting in Information Disclosure.",SAP,SAP Netweaver As Abap (web Dynpro),6.5,MEDIUM,0.0007800000021234155,false,false,false,false,,false,false,2020-11-10T16:17:12.000Z,0
CVE-2020-26819,https://securityvulnerability.io/vulnerability/CVE-2020-26819,,"SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, that allows them to read and delete database logfiles because of Improper Access Control.",SAP,SAP Netweaver As Abap (web Dynpro),5.4,MEDIUM,0.0008699999889358878,false,false,false,false,,false,false,2020-11-10T16:13:34.000Z,0
CVE-2020-6240,https://securityvulnerability.io/vulnerability/CVE-2020-6240,,"SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 753, 754 and SAP_BASIS 700, 710, 730, 731, 804) allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service leading to Denial of Service",SAP,"SAP Netweaver As Abap (web Dynpro Abap) (SAP Ui),SAP Netweaver As Abap (web Dynpro Abap) (SAP Basis)",5.3,MEDIUM,0.0012400000123307109,false,false,false,false,,false,false,2020-05-12T17:46:58.000Z,0
CVE-2008-2421,https://securityvulnerability.io/vulnerability/CVE-2008-2421,,"Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sap/its/webgui/.",SAP,"SAP Web Application Server,Web Dynpro",,,0.8980900049209595,false,false,false,false,,false,false,2008-05-23T15:00:00.000Z,0