← back
CVE-2006-0731

CVE-2006-0731

EPSS 2.7%
WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.
Affected products
n/a · n/a
public PoCs found3
exploitdbwww.exploit-db.com/exploits/27235unverifiedexploitdbwww.exploit-db.com/exploits/27233unverifiedexploitdbwww.exploit-db.com/exploits/27234unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/18880http://securitytracker.com/id?1015639https://exchange.xforce.ibmcloud.com/vulnerabilities/24751http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Phishing_Vector_in_SAP_BC.pdfhttp://www.securityfocus.com/archive/1/425056/100/0/threadedhttp://www.securityfocus.com/archive/1/434012/30/4980/threadedhttp://www.securityfocus.com/bid/16671http://www.vupen.com/english/advisories/2006/0611