CVE-2015-2811
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-2811
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
SAP NetWeaver Portal ReportXmlViewer XML外部实体漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台,它可为SAP应用提供开发和运行环境。SAP NetWeaver Portal是其中的一套门户网站解决方案,它通过Web浏览器提供单点登录信息进行身份验证。 SAP NetWeaver Portal 7.31.201109172004版本的ReportXmlViewer中存在XML外部实体漏洞。远程攻击者可借助特制的XML文档利用该漏洞向内网服务器发送请求。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-2811
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-2811
请登录查看更多情报信息。
Same Patch Batch · n/a · 2015-04-01 · 40 CVEs total
| CVE-2015-0810 | Mozilla Firefox 输入验证漏洞 | |
| CVE-2015-0800 | Mozilla Firefox DNS解析程序信息泄露 | |
| CVE-2015-0801 | 多款Mozilla产品权限许可和访问控制漏洞 | |
| CVE-2015-0802 | Mozilla Firefox 权限许可和访问控制漏洞 | |
| CVE-2015-0803 | Mozilla Firefox‘HTMLSourceElement::AfterSetAttr’函数权限许可和访问控制漏洞 | |
| CVE-2015-0804 | Mozilla Firefox‘HTMLSourceElement::BindToTree’函数权限许可和访问控制漏洞 | |
| CVE-2015-0805 | Mozilla Firefox Off Main Thread Compositing 代码注入漏洞 | |
| CVE-2015-0806 | Mozilla Firefox Off Main Thread Compositing 代码注入漏洞 | |
| CVE-2015-0807 | 多款Mozilla产品navigator.sendBeacon 跨站请求伪造漏洞 | |
| CVE-2015-0808 | Mozilla Firefox WebRTC 代码注入漏洞 | |
| CVE-2012-2808 | Android Bionic 安全漏洞 | |
| CVE-2015-0811 | Mozilla Firefox QCMS 缓冲区溢出漏洞 | |
| CVE-2015-0812 | Mozilla Firefox 代码注入漏洞 | |
| CVE-2015-0813 | 多款Mozilla产品‘AppendElements’函数释放后重用漏洞 | |
| CVE-2015-0814 | Mozilla Firefox 安全漏洞 | |
| CVE-2015-0815 | 多款Mozilla产品安全漏洞 | |
| CVE-2015-0816 | 多款Mozilla产品权限许可和访问控制漏洞 | |
| CVE-2015-1892 | IBM Security Access Manager for Web Multicast DNS 信息泄露漏洞 | |
| CVE-2015-2809 | Synology DiskStation Manager Multicast DNS 信息泄露漏洞 | |
| CVE-2015-2808 | RC4 加密问题漏洞 |
Showing top 20 of 40 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2015-2811
No comments yet