63 matches found
CVE-2021-27751
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible...
Session fixation
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible...
CVE-2021-27751 HCL Commerce is affected by an Insufficient Session Expiration vulnerability.
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible...
CVE-2021-27751
CVE-2021-27751 concerns HCL Commerce and an Insufficient Session Expiration vulnerability. According to the provided sources, after a user session expires, certain parts of the application remain accessible in some circumstances. The description is consistent across NVD and related records, but n...
HCL Commerce 代码问题漏洞
HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies India. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...
CVE-2021-27741
" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...
CVE-2021-27741
" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...
Xxe
" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...
CVE-2021-27741
" Security vulnerability in HCL Commerce Management Center allowing XML external entity XXE injection"...
CVE-2021-27741
CVE-2021-27741 affects the HCL Commerce Management Center and is caused by an XML External Entity (XXE) injection. According to the stored records, the vulnerability has a CVSS v3.1 base score of 9.1 (CRITICAL) with network attack vector, low attack complexity, no privileges required, and impacts...
HCL Commerce 代码问题漏洞
HCL Commerce is a software platform framework for e-commerce from HCL India. The software includes marketing, sales, customer and order processing functions in a customizable and integrated package. It is a unified platform that provides the ability to conduct business directly with consumers, wi...
CVE-2020-14274
Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...
CVE-2020-14275
Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...
CVE-2020-14274
Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...
CVE-2020-14275
Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...
Information disclosure
Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...
Design/Logic Flaw
Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...
CVE-2020-14274
CVE-2020-14274 affects HCL Commerce 9.0.1.9–9.0.1.14 and 9.1–9.1.4, causing information disclosure of user personal data. The root cause and vectors are not specified in the provided documents; exploitation status is not detailed. No remediation steps are listed in these sources. Monitor for upda...
CVE-2020-14274
Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors...
CVE-2020-14275
Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...