31 matches found
CVE-2019-0386
Order processing in SAP ERP Sales corrected in SAPAPPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18 and S4HANA Sales corrected in S4CORE 1.0, 1.01, 1.02, 1.03, 1.04 does not execute the required authorization checks for an authenticated user, which can result in an escalation of privileges...
CVE-2019-7890
An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details...
Design/Logic Flaw
An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details...
CVE-2019-7890
CVE-2019-7890 is an IDOR in Magento’s order processing workflow affecting 2.1.x before 2.1.18, 2.2 before 2.2.9, and 2.3 before 2.3.2. This could allow unauthorized access to order details. The NVD/Red Hat/OSV entries confirm a high-severity, network-exposed vulnerability with no required user pr...
Monthly Usage Report (X Days Left)
Challenge BEM displays "Please submit a monthly usage report x days left" after submitting usage report Cause There are a few scenarios that can produce this message, detailed below in solutions: Solution 1. Partner has submitted a spreadsheet containing monthly usage report information to 2...
IBM WebSphere Commerce Denial of Service Vulnerability (CNVD-2016-01706)
IBM WebSphere Commerce is a suite of e-commerce solutions from IBM in the United States. The solution supports all sales business models, including B2C, B2B and B2B2C, on a single customer interaction platform. A security vulnerability exists in IBM WebSphere Commerce. A remote attacker could...
Denial of service
IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors...
CVE-2016-0208
IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors...
Threat Outbreak Alert: Fake Order Processing Information Email Messages on January 5, 2014
Medium Alert ID: 32320 First Published: 2014 January 6 18:20 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain payment information for the recipient. The text in the email message attempts to convince the recipient to foll...
Threat Outbreak Alert: Fake Order Processing Email Messages on January 4, 2014
Medium Alert ID: 32319 First Published: 2014 January 6 14:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product order notification for the recipient. The text in the email message attempts to convince the recipien...
Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities
Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities Title: ====== Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities Date: ===== 2012-05-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=515 VL-ID: ===== 515 Common Vulnerability Scoring System:...