28 matches found
Why Intelligent Contract Solutions Are Replacing Traditional CLM Systems
Intelligent contract solutions replace traditional CLM by adding AI analysis, benchmarking, and risk insights that speed reviews, reduce delays, and improve decisions...
EUVD-2019-10708
Malware in sbrugna...
EUVD-2024-18991
Malicious code in bioql PyPI...
CVE-2022-41273
Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP...
CVE-2019-20153
An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) in v5.4. An XML external entity (XXE) vulnerability in the upload definition feature in definitionuploadattach.jsp allows authenticated remote attackers to read arbitrary files including configuration files...
The vulnerability of the Award Processes component of the procurement management platform Oracle Contract Lifecycle Management for the public sector, which is part of the enterprise automation system Oracle E-Business Suite. This vulnerability allows a perpetrator to gain unauthorized access to create, read, modify, and delete data.
The vulnerability of the Award Processes component of the procurement management platform Oracle Contract Lifecycle Management for the public sector system is related to deficiencies in the authorization mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...
CVE-2024-21278
Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite component: Award Processes. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2024-21278
CVE-2024-21278 affects Oracle E-Business Suite’s Contract Lifecycle Management for Public Sector (Award Processes). Affected versions are 12.2.3–12.2.13. The vulnerability allows a low-privilege, network-accessible attacker (via HTTP) to impersonate legitimate operations, potentially leading to u...
PT-2023-9575 · Oracle · Oracle E-Business Suite +1
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue is related to a vulnerability in the Award Processes component of Oracle Contract Lifecycle Management for Public Sector, which is part of Oracle E-Business Suite...
Input validation
Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP...
PT-2022-25782 · SAP · SAP Sourcing +1
Name of the Vulnerable Software and Affected Versions: SAP Sourcing and SAP Contract Lifecycle Management version 1100 Description: The issue arises from improper input sanitization, allowing an attacker to redirect a user to a malicious website. The attack is performed by sending an email with a...
SAP Sourcing and SAP Contract Lifecycle Management 1100 Input Validation Error Vulnerability
SAP Sourcing and SAP Contract Lifecycle Management are both products of SAP, an in-house application that provides an end-to-end solution for the procurement process. SAP Sourcing is an on-premise application that provides an end-to-end solution for the procurement process. SAP Contract Lifecycle...
CVE-2019-20154
An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. A cross-site scripting (XSS) vulnerability in multiple getchart.jsp parameters allows remote attackers to inject arbitrary web script or HTML...
Code injection
An issue was discovered in reportedit.jsp in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. Any authenticated user may execute Groovy code when generating a report, resulting in arbitrary code execution on the underlying server...
Cross site scripting
An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. A cross-site scripting (XSS) vulnerability in multiple getchart.jsp parameters allows remote attackers to inject arbitrary web script or HTML...