Lucene search
K

161 matches found

EUVD
EUVD
added 2026/03/26 3:30 p.m.4 views

EUVD-2025-209065

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response...

8.8CVSS6.1AI score0.00318EPSS
Exploits0References2
NVD
NVD
added 2026/03/26 2:16 p.m.6 views

CVE-2025-55261

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data...

9.8CVSS0.00319EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 2:16 p.m.2 views

CVE-2025-55262

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...

8.3CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.2 views

CVE-2025-55276

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout...

5.3CVSS0.00202EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.4 views

CVE-2025-55275

HCL Aftermarket DPC is affected by Admin Session Concurrency vulnerability using which an attacker can exploit concurrent sessions to hijack or impersonate an admin user...

8.1CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.3 views

CVE-2025-55268

HCL Aftermarket DPC is affected by Spamming Vulnerability which can allow the actor to excessive spamming can consume server bandwidth and processing resources which may lead to Denial of Service...

5.3CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.4 views

CVE-2025-55271

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response...

8.8CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.2 views

CVE-2025-55266

HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user...

6.5CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.4 views

CVE-2025-55267

HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server...

9.8CVSS0.00295EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 1:10 p.m.1 views

CVE-2025-55261 HCL Aftermarket DPC is affected by Missing Functional Level Access Control

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data...

8.1CVSS5.8AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 1:7 p.m.24 views

CVE-2025-55262 HCL Aftermarket DPC is affected by SQL Injection

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...

8.3CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 1:7 p.m.9 views

CVE-2025-55262

CVE-2025-55262 affects HCL Aftermarket DPC with a SQL Injection vulnerability that can allow an attacker to retrieve sensitive data from the database. The connected documents confirm the vulnerability and its impact but do not provide specifics on the vulnerable component paths, versions, exploit...

8.3CVSS5.8AI score0.00271EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/26 1:7 p.m.2 views

CVE-2025-55262

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...

8.3CVSS5.8AI score0.00271EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 1:7 p.m.2 views

CVE-2025-55262 HCL Aftermarket DPC is affected by SQL Injection

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database...

8.3CVSS5.8AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 1:5 p.m.25 views

CVE-2025-55263 HCL Aftermarket DPC is affected by Hardcoded Sensitive Data

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

7.3CVSS0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 1:4 p.m.21 views

CVE-2025-55264 HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change

HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover...

5.5CVSS0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 1:4 p.m.8 views

CVE-2025-55264

CVE-2025-55264 concerns HCL Aftermarket DPC, where a failure to invalidate sessions on password change can allow an attacker to retain access and maintain account control after a password update. The vulnerability description indicates a session persistence issue potentially enabling account take...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/26 1:2 p.m.20 views

CVE-2025-55265 HCL Aftermarket DPC is affected by File Discovery

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

6.5CVSS0.0032EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 1:2 p.m.2 views

CVE-2025-55265

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

6.5CVSS5.8AI score0.0032EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 1:2 p.m.1 views

CVE-2025-55266 HCL Aftermarket DPC is affected by Session Fixation

HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user...

5.9CVSS5.8AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder