...
SAP NetWeaver® Development Infrastructure (NWDI) based applications
SAP NetWeaver® Developer Studio (NWDS) application
Web DynPro® applications
.NET Connector (NCo) for C#, VB.NET and Managed C++
Each vulnerability detected will be classified using OWASP Top 10 2021, OWASP Top 10 API 2019, WASC, CVSS 3.1, PCI-DSS 4.0 and 3.2.1, BITEC and CWE 4.9 compliance standards.
SAP HANA
SAP HANA is an in-memory data platform that can be deployed on premise or on demand. At its core, it is an innovative in-memory relational database management system.
...
Dead Code (defined fields never referenced, code never executed, subroutine never called)
Deprecated, Unsupported or Obsolete Functions
SQL Abuse (SQL Injection, SQL bad commands, System Variables manipulation, etc.)
HTTP Abuse (Header, Session or Cookies manipulation)
HTTP Response Splitting/Tampering, URL Redirect, File Upload, File Download, etc.)
Information Leak, Privacy Violation, Password management/hardened mistakes
Authentication/hardened Credential mistakes
Code Injection, Command Injection, Resource Injection LDAP Injection, XPath Injection
XML Injection, File Injection, Mail Injection, PDF Injection, Cross-Site Scripting
Invalid Process Control, Kernel Calls, Dangerous ABAP commands
Denial Of Service (Connection-exceptions, Flood, XML, Shutdown, Lock, etc.)
Buffer Overflow
Log Forging
Path Manipulation, Directory Traversal
Database Access and Authorization mistakes
Unsecure Communications (missed SSL, Outgoing FTP, Phishing, etc.)
CSRF (Cross-Site Request Forgery)
Misconfiguration Mistakes
Insecure Cryptography
Poor Error handling/Logging, Poor Input Validation
Dynamic Code, Native Code/Library
A Each vulnerability detected will be classified using OWASP Top 10 2021, OWASP Top 10 API 2019, WASC, CVSS 3.1, PCI-DSS 4.0 and 3.2.1, BITEC and CWE 4.9 compliance standards. A graphical user interface provides navigation through detected vulnerabilities:
...