10 matches found

Cvelist
added 2025/12/16 12:25 p.m. | 28 views

CVE-2025-65074 OS Command Injection via Path Traversal in WaveStore Server

WaveView client allows users to execute a restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...

8.6 CVSS | 0.0042 EPSS
Exploits 0 | References 2
CVE
added 2025/12/16 12:25 p.m. | 7 views

CVE-2025-65074

WaveView client/vulnerable component is WaveStore Server interaction. CVE-2025-65074 describes path traversal in the showerr script that lets a high-privileged attacker execute arbitrary OS commands on the server. Affected: WaveView client with WaveStore Server via showerr; impact is remote comma...

8.6 CVSS | 7.2 AI score | 0.0042 EPSS
Exploits 0 | References 2 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-14526

Malware in sbrugna...

5 CVSS | 5.4 AI score | 0.00173 EPSS
Exploits 0 | References 2
CNNVD
added 2024/06/24 12:0 a.m. | 4 views

CodeChecker Path Traversal Vulnerability

CodeChecker is an analysis tool, defect database and viewer extension for Clang Static Analyzer and Clang Tidy. A security vulnerability exists in CodeChecker versions prior to 6.23, which stems from Zip files uploaded to the CodeChecker store server endpoint that are not properly cleaned...

6.5 CVSS | 6.8 AI score | 0.0073 EPSS
Exploits 1 | References 4
OSV
added 2023/10/23 5:15 p.m. | 2 views

CVE-2023-37532

HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system...

4.3 CVSS | 5.9 AI score | 0.00512 EPSS
Exploits 0 | References 1
Prion
added 2023/10/23 5:15 p.m. | 15 views

Design/Logic Flaw

HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system...

4.3 CVSS | 4.9 AI score | 0.00512 EPSS
Exploits 0 | References 1 | Affected Software 1
CVE
added 2023/10/23 4:34 p.m. | 58 views

CVE-2023-37532

CVE-2023-37532 affects HCL Commerce Remote Store server. The connected sources describe a directory traversal vulnerability that lets an attacker read arbitrary files on the target system by sending a specially crafted URL. The core issue is a failure to properly sanitize file paths, enabling acc...

5.8 CVSS | 4.8 AI score | 0.00512 EPSS
Exploits 0 | References 1 | Affected Software 1
Prion
added 2022/07/30 12:15 a.m. | 18 views

Code injection

HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website...

1.5 CVSS | 5 AI score | 0.00173 EPSS
Exploits 0 | References 1 | Affected Software 1
CNNVD
added 2022/07/30 12:0 a.m. | 3 views

HCL Technologies HCL Commerce Remote Store server Security Vulnerability

HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies India. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...

5 CVSS | 5.7 AI score | 0.00173 EPSS
Exploits 0 | References 2
CVE
added 2022/07/29 11:55 p.m. | 63 views

CVE-2021-27785

CVE-2021-27785 affects HCL Commerce (Remote Store server). The vulnerability could allow a local attacker to obtain sensitive personal information after the victim performs a specific operation on the website. Exploitability is local with low privileges and requires user interaction (UI:R) per CV...

5 CVSS | 4.5 AI score | 0.00173 EPSS
Exploits 0 | References 1 | Affected Software 1