Lucene search
K

63 matches found

NVD
NVD
added 2022/05/06 6:15 p.m.16 views

CVE-2021-27751

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible...

4.4CVSS0.00179EPSS
Exploits0References1
Prion
Prion
added 2022/05/06 6:15 p.m.16 views

Session fixation

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible...

1.9CVSS4.2AI score0.00179EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/06 6:10 p.m.17 views

CVE-2021-27751 HCL Commerce is affected by an Insufficient Session Expiration vulnerability.

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible...

4.4CVSS5.1AI score0.00179EPSS
Exploits0References1
CVE
CVE
added 2022/05/06 6:10 p.m.70 views

CVE-2021-27751

CVE-2021-27751 concerns HCL Commerce and an Insufficient Session Expiration vulnerability. According to the provided sources, after a user session expires, certain parts of the application remain accessible in some circumstances. The description is consistent across NVD and related records, but n...

4.4CVSS4.1AI score0.00179EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/05/06 12:0 a.m.3 views

HCL Commerce 代码问题漏洞

HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies India. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...

4.4CVSS5AI score0.00179EPSS
Exploits0References2
NVD
NVD
added 2021/08/13 2:15 p.m.22 views

CVE-2021-27741

" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...

9.1CVSS0.01152EPSS
Exploits0References1
OSV
OSV
added 2021/08/13 2:15 p.m.2 views

CVE-2021-27741

" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...

9.1CVSS5.8AI score0.01152EPSS
Exploits0References1
Prion
Prion
added 2021/08/13 2:15 p.m.15 views

Xxe

" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...

6.4CVSS9.1AI score0.01152EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/13 1:20 p.m.27 views

CVE-2021-27741

" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...

9.4AI score0.01152EPSS
Exploits0References1
CVE
CVE
added 2021/08/13 1:20 p.m.54 views

CVE-2021-27741

CVE-2021-27741 affects the HCL Commerce Management Center and is caused by an XML External Entity (XXE) injection. According to the stored records, the vulnerability has a CVSS v3.1 base score of 9.1 (CRITICAL) with network attack vector, low attack complexity, no privileges required, and impacts...

9.1CVSS9.1AI score0.01152EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.5 views

HCL Commerce 代码问题漏洞

HCL Commerce is a software platform framework for e-commerce from HCL India. The software includes marketing, sales, customer and order processing functions in a customizable and integrated package. It is a unified platform that provides the ability to conduct business directly with consumers, wi...

9.1CVSS8.3AI score0.01152EPSS
Exploits0References1
OSV
OSV
added 2021/01/12 3:15 p.m.4 views

CVE-2020-14274

Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...

7.5CVSS5.8AI score0.01311EPSS
Exploits0References1
OSV
OSV
added 2021/01/12 3:15 p.m.2 views

CVE-2020-14275

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...

9.8CVSS5.8AI score0.0144EPSS
Exploits0References1
NVD
NVD
added 2021/01/12 3:15 p.m.14 views

CVE-2020-14274

Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...

7.5CVSS7.2AI score0.01311EPSS
Exploits0References1
NVD
NVD
added 2021/01/12 3:15 p.m.25 views

CVE-2020-14275

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...

9.8CVSS9.3AI score0.0144EPSS
Exploits0References1
Prion
Prion
added 2021/01/12 3:15 p.m.18 views

Information disclosure

Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...

5CVSS7.2AI score0.01311EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/12 3:15 p.m.17 views

Design/Logic Flaw

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...

7.5CVSS9.1AI score0.0144EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/01/12 2:29 p.m.46 views

CVE-2020-14274

CVE-2020-14274 affects HCL Commerce 9.0.1.9–9.0.1.14 and 9.1–9.1.4, causing information disclosure of user personal data. The root cause and vectors are not specified in the provided documents; exploitation status is not detailed. No remediation steps are listed in these sources. Monitor for upda...

7.5CVSS7.2AI score0.01311EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/01/12 2:29 p.m.23 views

CVE-2020-14274

Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...

7.2AI score0.01311EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/01/12 2:26 p.m.19 views

CVE-2020-14275

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...

9.3AI score0.0144EPSS
Exploits0References1
Rows per page
Query Builder