Lucene search
+L

10 matches found

CVE
CVE
added 2026/05/22 10:3 p.m.67 views

CVE-2026-33843

CVE-2026-33843 affects Microsoft Azure Active Directory B2C. A authentication bypass via an alternate path or channel could allow an unauthorized attacker to elevate privileges over a network. The CVSSv3.1 base score is 9.1 (CRITICAL) with high impact on confidentiality and integrity, and no user...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/28 12:0 a.m.7 views

The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service is related to information representation errors in the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...

6.8CVSS6.9AI score0.0042EPSS
Exploits0References3
Microsoft Secure
Microsoft Secure
added 2021/05/12 1:0 p.m.43 views

How to secure your hybrid work world with a Zero Trust approach

We are operating in the most complex cybersecurity landscape we’ve ever seen. Sophisticated and determined attackers are the norm. And we all are preparing for the next great disruption—hybrid work. Security has never been more important, and as I shared in another Security blog today, it’s clear...

Exploits0
CNVD
CNVD
added 2020/03/26 12:0 a.m.1 views

ShopXO enterprise B2C free open source mall system backend file upload vulnerability

ShopXO is an open source PHP e-commerce system , based on ThinkPHP5.1 version of the development , easy to expand , with strong load capacity and stability . ShopXO enterprise-level B2C free open source mall system backend file upload vulnerability , attackers can exploit the vulnerability in the...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/03/06 12:0 a.m.2 views

File Upload Vulnerability in B2C (Self-operated) Version of Mall

B2C self-operated version of the mall is a set of self-operated e-commerce system software for merchants developed by Yunmai E-commerce Co. A file upload vulnerability exists in the B2C self-managed version of Mall, which can be exploited by attackers to gain control of the web server...

7.2AI score
Exploits0
CNVD
CNVD
added 2019/12/17 12:0 a.m.2 views

Remote code execution vulnerability in ECShop backend te***.php file

ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store. The system is based on PHP language and MYSQL database structure development of cross-platform open source program. ECShop background te.php file remote code...

8.7AI score
Exploits0
NVD
NVD
added 2019/06/12 3:29 p.m.15 views

CVE-2019-0308

An authenticated attacker in SAP E-Commerce Business-to-Consumer application, versions 7.3, 7.31, 7.32, 7.33, 7.54, can change the price of the product to zero and also checkout, by injecting an HTML code in the application that will be executed whenever the victim logs in to the application even...

6.8CVSS6.6AI score0.00858EPSS
Exploits0References2
CVE
CVE
added 2019/06/12 2:21 p.m.57 views

CVE-2019-0308

SAP E-Commerce (Business-to-Consumer) vulnerable in versions 7.3, 7.31, 7.32, 7.33, and 7.54 due to an HTML injection that executes during user login. This allows an authenticated attacker to alter product prices to zero and perform checkout, revealing a Code Injection risk. Root cause is imprope...

6.8CVSS6.5AI score0.00858EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/12/26 12:0 a.m.2 views

SQL Injection Vulnerability in PHPSHE B2C Mall System v1.7ad***.php Page

PHPSHE B2C mall system is an online shopping mall system. The system supports express tracking, online chat, order evaluation and statistics. PHPSHE B2C Mall System v1.7ad.php page SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

7.9AI score
Exploits0
CNVD
CNVD
added 2018/06/07 12:0 a.m.5 views

SAP B2B / B2C CRM Local File Inclusion Vulnerability

SAP enterprise application software solution provider. A local file inclusion vulnerability exists in SAP B2B / B2C CRM. An attacker can exploit the vulnerability to cause malicious data submitted externally to be entered as a variable in the file inclusion process, which could lead to the...

6.6AI score
Exploits0References1
Rows per page
Query Builder