inurl:infoviewapp

• SHDB
• 1345 阅读

• 日期：2019-01-09
• 类别：
  • Pages Containing Login Portals
• 作者：FlyingFrog
• 语法：inurl:infoviewapp

• AUTHOR: FlyingFrog
  Twitter: @ItsKarl0z

  ++ SAP InfoView Business Objects ++

  inurl:infoviewapp
  - Potential access to sensitive information
  - Login portals
  - Server entry points
  - Server
  - Potential to manipulate business objects
  - 2 Cross-Site Scripting Vulnerabillites available:
      - https://www.exploit-db.com/exploits/36936
      - https://www.exploit-db.com/exploits/36935
  - 3.680 results at the time of writing

  DISCLAIMER:
  (The vulnerabilities are suggestions, none of them have been tested by me,
  always request permission before testing anything on someone else system)
  Some of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing