Vladimir Ivanov - Security Researcher - Exploit Intelligence Platform

CVE-2018-2392 NOMISEC HIGH WORKING POC

SAP Internet Graphics Server (IGS) XMLCHART XXE

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.

1 stars

CVSS 7.5

View Code

CVE-2018-2392 METASPLOIT HIGH ruby WORKING POC

SAP Internet Graphics Server (IGS) XMLCHART XXE

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.

CVSS 7.5

View Code

CVE-2020-6207 METASPLOIT CRITICAL ruby WORKING POC

SAP Solution Manager 7.2 - Auth Bypass

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.

CVSS 9.8

View Code

CVE-2020-6207 METASPLOIT CRITICAL ruby WORKING POC

SAP Solution Manager 7.2 - Auth Bypass

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.

CVSS 9.8

View Code