VYPR

Internet Graphics Server

by SAP

CVEs (33)

  • CVE-2007-3613Jul 6, 2007
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.

  • CVE-2021-27626Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method…

  • CVE-2021-27622Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method…

  • CVE-2021-27627Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method…

  • CVE-2021-27623Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method…

  • CVE-2021-27624Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method…

  • CVE-2021-27620Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart()…

  • CVE-2021-27625Jun 9, 2021
    risk 0.00cvss epss 0.01

    SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method…

  • CVE-2006-6346Dec 7, 2006
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain…

  • CVE-2006-6345Dec 7, 2006
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request. NOTE: This information is based…

  • CVE-2006-4133Aug 14, 2006
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and earlier, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via an HTTP request with an ADM:GETLOGFILE command and a long portwatcher argument,…

  • CVE-2006-4134Aug 14, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service (service shutdown) via certain HTTP requests. NOTE: This information is based upon a vague…

  • CVE-2005-1691Jul 26, 2005
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.

Page 2 of 2