VYPR

xMII

by SAP

CVEs (1)

  • CVE-2016-2389HigFeb 16, 2016
    risk 0.55cvss 7.5epss 0.41

    Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security…