March 6, 2018 / Blog Adapting hashcat for SAP ‘half hashes’ hashcat, password cracking, SAP NetWeaver Security, SAP Penetration testing
February 16, 2018 / Advisories [ERPSCAN-18-004] RCE via path Traversal using CSRF in SAP CRM CSRF vulnerability, SAP NetWeaver Security
March 14, 2017 / Advisories [ERPSCAN-17-015] SAP NetWeaver disp+work anonymous denial of service DoS vulnerability, SAP NetWeaver Security
March 14, 2017 / Advisories [ERPSCAN-17-013] SAP NetWeaver disp+work anonymous denial of service with crafted DIAG request DoS vulnerability, SAP NetWeaver Security
January 10, 2017 / Advisories [ERPSCAN-17-004] SAP NetWeaver Java 7.5 XXE SAP NetWeaver Security, XXE vulnerability
January 10, 2017 / Advisories [ERPSCAN-17-003] SAP NetWeaver AS Java getUserUddiElements SQL Injection SAP NetWeaver Security, SQL Injection vulnerability
January 10, 2017 / Advisories [ERPSCAN-17-002] SAP NetWeaver AS JAVA XSS in portal app component SAP NetWeaver Security, SAP Portal, XSS vulnerability
January 10, 2017 / Advisories [ERPSCAN-17-001] SAP AS JAVA DoS in BC-IAM-SSO-OTP package via QR Servlet DoS vulnerability, SAP NetWeaver Security
December 13, 2016 / Advisories [ERPSCAN-16-041] SAP NetWeaver directory creation outside of the JVM Directory Traversal vulnerability, SAP NetWeaver Security
November 9, 2016 / Advisories [ERPSCAN-16-040] SAP Hybris E-commerce Suite VirtualJDBC SQL Injection SAP NetWeaver Security, SQL Injection vulnerability