what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Darya Maenkova

SAP Security Notes For July, 2015

Posted Jul 16, 2015

Authored by Darya Maenkova

The monthly critical patch for SAP for July, 2015 includes missing authorization checks, information disclosure, and remote code execution vulnerabilities.

tags | advisory, remote, vulnerability, code execution, info disclosure

SHA-256 | 33063b36cddb11eba63a949b7e3cac6274e377fdbbdcac57db8364e3c860dd94

Download | Favorite | View

SAP XXE / Hardcoded Credentials / SQL Injection / Overflow

Posted Jun 11, 2015

Authored by Darya Maenkova, Diana Grigorieva, Rustem Gazizov, Vahagn Vardanyan

SAP has released the monthly critical patch update for June 2015. This patch update closes buffer overflow, remote SQL injection, XML eXternal Entity, and hardcoded credentials vulnerabilities.

tags | advisory, remote, overflow, vulnerability, sql injection, xxe

advisories | CVE-2015-0204

SHA-256 | 19387f24cc2e3fc9d5721e3adda4e660354e12481fa568f2e559c14584e13347

Download | Favorite | View

SAP ERPScan XXE Injection / XSS / Missing Authorization

Posted May 21, 2015

Authored by Darya Maenkova

SAP ERPScan has patched buffer overflow, XXE injection, and missing authorization vulnerabilities.

tags | advisory, overflow, vulnerability, xxe

SHA-256 | de0cd2f323a3c4f9aa15056db27e15071c37dd9bcf40321c654953ba86e94f21

Download | Favorite | View