The ERPScan researchers, who discussed the vulnerabilities in a talk ‘SAP BUGS: The Phantom Security’ at the latest annual Troopers security conference in Heidelburg, identified the two vulnerabilities in SAP Netweaver AS Java as directory traversal …