Lucene search
K

8298 matches found

Cvelist
Cvelist
added 2026/05/14 9:25 a.m.45 views

CVE-2026-2347 IDOR in Akıllı Ticaret's E-Commerce Pack

Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 9:25 a.m.17 views

EUVD-2026-30264

Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS5.8AI score0.00426EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 9:21 a.m.7 views

CVE-2025-11024 SQLi in Akıllı Ticaret's E-Commerce Pack

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS5.8AI score0.00358EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 9:21 a.m.8 views

CVE-2025-11024

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS5.8AI score0.00358EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 9:21 a.m.18 views

CVE-2025-11024

The CVE-2025-11024 entry describes an SQL injection vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website prior to version 4.5.001. The issue is due to improper neutralization of special elements used in SQL commands, enabling a blind SQL injection. CVSS 3.1 base metr...

9.8CVSS5.8AI score0.00358EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 9:21 a.m.11 views

EUVD-2025-209838

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS5.8AI score0.00358EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 9:21 a.m.47 views

CVE-2025-11024 SQLi in Akıllı Ticaret's E-Commerce Pack

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.9 views

PT-2026-40900

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS5.8AI score0.00358EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.19 views

Akıllı E-Commerce Website SQL注入漏洞

Akıllı E-Commerce Website is an e-commerce website system developed by the Turkish company Akıllı, aimed at online retail and digital sales scenarios. Versions of Akıllı E-Commerce Website prior to 4.5.001 contained a SQL injection vulnerability. This vulnerability stemmed from improper...

9.8CVSS5.9AI score0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.9 views

PT-2026-40901

Name of the Vulnerable Software and Affected Versions E-Commerce Website versions prior to 4.5.001 Description An authorization bypass exists due to a user-controlled key, which allows for session hijacking. This is an Insecure Direct Object Reference IDOR, a condition where an application provid...

9.8CVSS5.8AI score0.00426EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.8 views

CVE-2026-34655

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

4.8CVSS5.8AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.15 views

CVE-2026-34686

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

8.7CVSS5.8AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.15 views

CVE-2026-34645

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.13 views

CVE-2026-34647

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.4CVSS5.8AI score0.00471EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.14 views

CVE-2026-34653

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system read and write. An authenticated attacker...

8.7CVSS5.9AI score0.00606EPSS
Exploits0References1
NCSC
NCSC
added 2026/05/13 9:27 a.m.16 views

Vulnerabilities in Adobe Commerce

Adobe has identified several vulnerabilities in Adobe Commerce. These vulnerabilities exist in various versions of Adobe Commerce, including 2.4.9-beta1 and earlier versions. One vulnerability, an Incorrect Authorization vulnerability, allows attackers to bypass authorization checks and obtain...

7.5CVSS5.8AI score0.2255EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 9:31 p.m.16 views

EUVD-2026-29764

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

4.8CVSS5.8AI score0.00368EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.16 views

EUVD-2026-29760

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources,...

7.5CVSS5.8AI score0.00675EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.12 views

EUVD-2026-29762

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system read and write. An authenticated attacker...

8.7CVSS5.9AI score0.00606EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.12 views

EUVD-2026-29765

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References2
Rows per page
Query Builder