SAP Business Intelligence CVE-2016-6818 SQL Injection Vulnerability

SAP Business Intelligence is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.


Bugtraq ID: 97661
Class: Input Validation Error
CVE: CVE-2016-6818

Remote: Yes
Local: No
Published: Jan 10 2017 12:00AM
Updated: Jan 10 2017 12:00AM
Credit: ERPScan
Vulnerable: SAP Business Intelligence 0

Not Vulnerable:


An attacker can exploit this issue using a browser.

Related Posts