CVE-2020-6206

SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery...

Cloud customer service management platform 安全漏洞

Cloud customer service management platform is an application. A security vulnerability exists in Cloud customer service management platform, which originates from the presence of a SQL injection vulnerability that could allow a local attacker to execute arbitrary code via a crafted payload...

ServiceNow Orlando 安全漏洞

ServiceNow Orlando is a cloud-based platform from US-based ServiceNow, Inc. A security vulnerability exists in ServiceNow Orlando that stems from a password reset form in ServiceNow Orlando that provides different responses to invalid authentication attempts based on the existence of a username...

SAP Commerce Cloud 跨站脚本漏洞

SAP Commerce Cloud is a set of cloud-based e-commerce platform from Germany's SAP. It supports sales management, marketing management, order management, and operations management. SAP Commerce Cloud suffers from a cross-site scripting vulnerability that stems from a vulnerability in MIME sniffing...

Arbitrary File Download Vulnerability in HAND SRM Cloud Platform

HAND SRM Cloud Platform is a one-stop digital management platform based on SaaS service/technology architecture. HAND SRM Cloud Platform suffers from an arbitrary file download vulnerability that can be exploited by attackers to download files uploaded by other users...

Huawei FusionSphere OpenStack Signature Validation Vulnerability

Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A signature validation vulnerability exists in Huawei...