CubeCart 输入验证错误漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. In versions 6.6.x to 6.7.1 of CubeCart, there is a vulnerability related to input validation errors. This vulnerability stems from directly constructing the CCSTOREURL constant from the Host request headers and embedding the...

Couchbase Server 安全漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, which stems from a...

CVE-2020-6238

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...

vRealize Operations for Horizon Adapter Information Disclosure Vulnerability

VMware vRealize Operations is operations management software that spans physical, virtual, and cloud environments and supports network environments based on vSphere, Hyper-V, or Amazon Web Services. An information disclosure vulnerability exists in vRealize Operations for Horizon Adapter versions...

EmpireCMS class/connect.php File Path Leakage Vulnerability

EmpireCMS is a free CMS Content Management System. A security vulnerability exists in EmpireCMS versions 6.6 through 7.2. The vulnerability can be exploited by a remote attacker to obtain the full path with the help of the class/connect.php file...