CVE-2025-55266 HCL Aftermarket DPC is affected by Session Fixation

HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user...

CVE-2025-55267

HCL Aftermarket DPC is affected by an Unrestricted File Upload vulnerability due to inadequate verification/filtering of uploaded files. This allows an attacker to upload and execute malicious scripts, potentially gaining full control over the server. The CVE entry notes a high-impact scenario (C...

CVE-2025-55267

HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server...

CVE-2025-55267 HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability

HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server...

CVE-2025-55267 HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability

HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server...

CVE-2025-55268

HCL Aftermarket DPC is affected by Spamming Vulnerability which can allow the actor to excessive spamming can consume server bandwidth and processing resources which may lead to Denial of Service...

CVE-2025-55268 HCL Aftermarket DPC is affected by Spamming Vulnerability

HCL Aftermarket DPC is affected by Spamming Vulnerability which can allow the actor to excessive spamming can consume server bandwidth and processing resources which may lead to Denial of Service...

CVE-2025-55268 HCL Aftermarket DPC is affected by Spamming Vulnerability

HCL Aftermarket DPC is affected by Spamming Vulnerability which can allow the actor to excessive spamming can consume server bandwidth and processing resources which may lead to Denial of Service...

CVE-2025-55268

CVE-2025-55268 pertains to HCL Aftermarket DPC and describes a spamming vulnerability that allows an actor to generate excessive spam, potentially consuming server bandwidth and processing resources and leading to a Denial of Service. The available sources identify the affected product and the ge...

CVE-2025-55269 HCL Aftermarket DPC is affected by Weak Password Policy vulnerability

HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts...

CVE-2025-55269 HCL Aftermarket DPC is affected by Weak Password Policy vulnerability

HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts...

CVE-2025-55269

HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts...

CVE-2025-55270

CVE-2025-55270 affects HCL Aftermarket DPC. Connected sources confirm an input validation error that can be exploited to inject executable code, enabling XSS, SQL injection, and command injection, among other attacks. Root cause: improper input validation in the affected component/file. Documente...

CVE-2025-55270

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

CVE-2025-55270 HCL Aftermarket DPC is affected by Improper Input Validation

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

CVE-2025-55270 HCL Aftermarket DPC is affected by Improper Input Validation

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

CVE-2025-55271

CVE-2025-55271 affects HCL Aftermarket DPC via HTTP Response Splitting vulnerability. The available connected documents describe that an attacker may be able to execute arbitrary commands or inject harmful content depending on how the web application handles split responses. The PT-2026-28296 ent...

CVE-2025-55271 HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response...

CVE-2025-55272 HCL Aftermarket DPC is affected by Banner Disclosure vulnerability

HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights into the system’s software and version details which would allow them to craft software specific attacks...

CVE-2025-55273 HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability

HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking...