161 matches found
EUVD-2025-209065
HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response...
CVE-2025-55261
HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data...
CVE-2025-55262
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...
CVE-2025-55276
HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout...
CVE-2025-55275
HCL Aftermarket DPC is affected by Admin Session Concurrency vulnerability using which an attacker can exploit concurrent sessions to hijack or impersonate an admin user...
CVE-2025-55268
HCL Aftermarket DPC is affected by Spamming Vulnerability which can allow the actor to excessive spamming can consume server bandwidth and processing resources which may lead to Denial of Service...
CVE-2025-55271
HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response...
CVE-2025-55266
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user...
CVE-2025-55267
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server...
CVE-2025-55261 HCL Aftermarket DPC is affected by Missing Functional Level Access Control
HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data...
CVE-2025-55262 HCL Aftermarket DPC is affected by SQL Injection
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...
CVE-2025-55262
CVE-2025-55262 affects HCL Aftermarket DPC with a SQL Injection vulnerability that can allow an attacker to retrieve sensitive data from the database. The connected documents confirm the vulnerability and its impact but do not provide specifics on the vulnerable component paths, versions, exploit...
CVE-2025-55262
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...
CVE-2025-55262 HCL Aftermarket DPC is affected by SQL Injection
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...
CVE-2025-55263 HCL Aftermarket DPC is affected by Hardcoded Sensitive Data
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...
CVE-2025-55264 HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover...
CVE-2025-55264
CVE-2025-55264 concerns HCL Aftermarket DPC, where a failure to invalidate sessions on password change can allow an attacker to retain access and maintain account control after a password update. The vulnerability description indicates a session persistence issue potentially enabling account take...
CVE-2025-55265 HCL Aftermarket DPC is affected by File Discovery
HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...
CVE-2025-55265
HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...
CVE-2025-55266 HCL Aftermarket DPC is affected by Session Fixation
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user...