Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-7742

Malware in sbrugna...

5.4CVSS5.5AI score0.00644EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-7741

Malware in sbrugna...

6.1CVSS6.3AI score0.00872EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-7743

Malware in sbrugna...

5.4CVSS5.5AI score0.00644EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-14318

Malware in sbrugna...

8.6CVSS8.8AI score0.01638EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-7744

Malware in sbrugna...

4.3CVSS4.8AI score0.01152EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.6 views

The vulnerability of the Omni Commerce Connect (OCC) application interface in the SAP Commerce Cloud and SAP Hybris Commerce e-commerce platforms allows a hacker to influence the confidentiality of protected information.

The vulnerability of the Omni Commerce Connect OCC application interface in the SAP Commerce Cloud and SAP Hybris Commerce platforms is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of the...

5.9CVSS7.2AI score0.00435EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2019/01/08 8:29 p.m.4 views

CVE-2019-0238

SAP Commerce previously known as SAP Hybris Commerce, before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

6.1CVSS5.8AI score0.01016EPSS
Exploits0References3
CVE
CVE
added 2019/01/08 8:0 p.m.65 views

CVE-2019-0238

Summary: SAP Commerce (formerly SAP Hybris Commerce) before version 6.7 contains an XSS vulnerability caused by insufficient encoding of user-controlled inputs. This is documented in multiple sources (NVD CVE-2019-0238 and CNVD entry). Affected scope: pre-6.7 versions; no exact exploitation detai...

6.1CVSS6AI score0.01016EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/12/11 11:0 p.m.54 views

CVE-2018-2505

SAP Commerce (Hybris) storefronts are affected by an input validation issue that can lead to Cross-Site Scripting (XSS). The vulnerability arises from insufficient validation of user-controlled inputs. Fixed in SAP Hybris Commerce versions 6.2, 6.3, 6.4, 6.5, 6.6, and 6.7. The CVE describes a cli...

6.1CVSS5.9AI score0.01016EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/09/11 3:29 p.m.19 views

CVE-2018-2463

The Omni Commerce Connect API OCC of SAP Hybris Commerce, versions 6., is vulnerable to server-side request forgery SSRF attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC...

8.6CVSS8.5AI score0.01638EPSS
Exploits0References3
OSV
OSV
added 2018/09/11 3:29 p.m.4 views

CVE-2018-2463

The Omni Commerce Connect API OCC of SAP Hybris Commerce, versions 6., is vulnerable to server-side request forgery SSRF attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC...

8.6CVSS5.8AI score0.01638EPSS
Exploits0References3
Prion
Prion
added 2018/09/11 3:29 p.m.18 views

Server side request forgery (ssrf)

The Omni Commerce Connect API OCC of SAP Hybris Commerce, versions 6., is vulnerable to server-side request forgery SSRF attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC...

5CVSS8.5AI score0.01638EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/09/11 3:0 p.m.19 views

CVE-2018-2463

The Omni Commerce Connect API OCC of SAP Hybris Commerce, versions 6., is vulnerable to server-side request forgery SSRF attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC...

8.6AI score0.01638EPSS
Exploits0References3
OSV
OSV
added 2016/12/31 7:59 a.m.4 views

CVE-2016-6857

Cross-site scripting XSS vulnerability in the Create Catalogue feature in Hybris Management Console HMC in SAP Hybris before 5.2.0.13, 5.3.x before 5.3.0.11, 5.4.x before 5.4.0.11, 5.5.0.x before 5.5.0.10, 5.5.1.x before 5.5.1.11, 5.6.x before 5.6.0.11, and 5.7.x before 5.7.0.15 allows remote...

5.4CVSS5.9AI score0.00644EPSS
Exploits0References2
NVD
NVD
added 2016/12/31 7:59 a.m.18 views

CVE-2016-6856

Cross-site scripting XSS vulnerability in the Inbox Search feature in Hybris Management Console HMC in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the itemsperpage parameter...

6.1CVSS6.1AI score0.00872EPSS
Exploits0References2
OSV
OSV
added 2016/12/31 7:59 a.m.5 views

CVE-2016-6858

Cross-site scripting XSS vulnerability in the Create Employee feature in Hybris Management Console HMC in SAP Hybris before 5.0.4.11, 5.1.0.x before 5.1.0.11, 5.1.1.x before 5.1.1.12, 5.2.0.x and 5.3.0.x before 5.3.0.10, 5.4.x before 5.4.0.9, 5.5.0.x before 5.5.0.9, 5.5.1.x before 5.5.1.10, 5.6.x...

5.4CVSS5.9AI score0.00644EPSS
Exploits0References2
NVD
NVD
added 2016/12/31 7:59 a.m.19 views

CVE-2016-6857

Cross-site scripting XSS vulnerability in the Create Catalogue feature in Hybris Management Console HMC in SAP Hybris before 5.2.0.13, 5.3.x before 5.3.0.11, 5.4.x before 5.4.0.11, 5.5.0.x before 5.5.0.10, 5.5.1.x before 5.5.1.11, 5.6.x before 5.6.0.11, and 5.7.x before 5.7.0.15 allows remote...

5.4CVSS5.2AI score0.00644EPSS
Exploits0References2
Prion
Prion
added 2016/12/31 7:59 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Create Employee feature in Hybris Management Console HMC in SAP Hybris before 5.0.4.11, 5.1.0.x before 5.1.0.11, 5.1.1.x before 5.1.1.12, 5.2.0.x and 5.3.0.x before 5.3.0.10, 5.4.x before 5.4.0.9, 5.5.0.x before 5.5.0.9, 5.5.1.x before 5.5.1.10, 5.6.x...

3.5CVSS5.7AI score0.00644EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/12/31 7:59 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Create Catalogue feature in Hybris Management Console HMC in SAP Hybris before 5.2.0.13, 5.3.x before 5.3.0.11, 5.4.x before 5.4.0.11, 5.5.0.x before 5.5.0.10, 5.5.1.x before 5.5.1.11, 5.6.x before 5.6.0.11, and 5.7.x before 5.7.0.15 allows remote...

3.5CVSS5.7AI score0.00644EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/12/31 7:59 a.m.3 views

CVE-2016-6856

Cross-site scripting XSS vulnerability in the Inbox Search feature in Hybris Management Console HMC in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the itemsperpage parameter...

6.1CVSS5.9AI score0.00872EPSS
Exploits0References2
Rows per page
Query Builder