Arbitrary SQL Command Execution Vulnerability in SAP NetWeaver J2EE Engine 7.40

Arbitrary SQL Command Execution Vulnerability in SAP NetWeaver J2EE Engine 7.40

CVE-2015-7239 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.