10 matches found
CVE-2026-33843
CVE-2026-33843 affects Microsoft Azure Active Directory B2C. A authentication bypass via an alternate path or channel could allow an unauthorized attacker to elevate privileges over a network. The CVSSv3.1 base score is 9.1 (CRITICAL) with high impact on confidentiality and integrity, and no user...
The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service is related to information representation errors in the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...
How to secure your hybrid work world with a Zero Trust approach
We are operating in the most complex cybersecurity landscape we’ve ever seen. Sophisticated and determined attackers are the norm. And we all are preparing for the next great disruption—hybrid work. Security has never been more important, and as I shared in another Security blog today, it’s clear...
ShopXO enterprise B2C free open source mall system backend file upload vulnerability
ShopXO is an open source PHP e-commerce system , based on ThinkPHP5.1 version of the development , easy to expand , with strong load capacity and stability . ShopXO enterprise-level B2C free open source mall system backend file upload vulnerability , attackers can exploit the vulnerability in the...
File Upload Vulnerability in B2C (Self-operated) Version of Mall
B2C self-operated version of the mall is a set of self-operated e-commerce system software for merchants developed by Yunmai E-commerce Co. A file upload vulnerability exists in the B2C self-managed version of Mall, which can be exploited by attackers to gain control of the web server...
Remote code execution vulnerability in ECShop backend te***.php file
ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store. The system is based on PHP language and MYSQL database structure development of cross-platform open source program. ECShop background te.php file remote code...
CVE-2019-0308
An authenticated attacker in SAP E-Commerce Business-to-Consumer application, versions 7.3, 7.31, 7.32, 7.33, 7.54, can change the price of the product to zero and also checkout, by injecting an HTML code in the application that will be executed whenever the victim logs in to the application even...
CVE-2019-0308
SAP E-Commerce (Business-to-Consumer) vulnerable in versions 7.3, 7.31, 7.32, 7.33, and 7.54 due to an HTML injection that executes during user login. This allows an authenticated attacker to alter product prices to zero and perform checkout, revealing a Code Injection risk. Root cause is imprope...
SQL Injection Vulnerability in PHPSHE B2C Mall System v1.7ad***.php Page
PHPSHE B2C mall system is an online shopping mall system. The system supports express tracking, online chat, order evaluation and statistics. PHPSHE B2C Mall System v1.7ad.php page SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...
SAP B2B / B2C CRM Local File Inclusion Vulnerability
SAP enterprise application software solution provider. A local file inclusion vulnerability exists in SAP B2B / B2C CRM. An attacker can exploit the vulnerability to cause malicious data submitted externally to be entered as a variable in the file inclusion process, which could lead to the...