SAP NetWeaver 'ABAD0_DELETE_DERIVATION_TABLE' Function SQL Injection Vulnerability

SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

SAP NetWeaver 7.30 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus