CVE-2006-0731

Published: Feb 16, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

18880

third-party-advisory

x_refsource_SECUNIA

20060515 CYBSEC - Security Advisory: Phishing Vector in SAP BC (BusinessConnector)

mailing-list

x_refsource_BUGTRAQ

1015639

vdb-entry

x_refsource_SECTRACK

16671

vdb-entry

x_refsource_BID

20060215 CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC

mailing-list

x_refsource_BUGTRAQ

http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Phishing_Vector_in_SAP_BC.pdf

x_refsource_MISC

ADV-2006-0611

vdb-entry

x_refsource_VUPEN

sapbc-admin-spoofing(24751)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-0731

Description

Affected Products

References