Lucene search

7 matches found

RedhatCVE
added 2025/05/22 11:42 p.m. | 1 view

CVE-2022-41204

An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack...

CVSS 8.8 | AI score 8.7 | EPSS 0.00418
Exploits 0 | References 1

CNNVD
added 2021/05/11 12:0 a.m. | 2 views

SAP Commerce Security Vulnerability

SAP Commerce is a cloud-based e-commerce platform from Germany's SAP. The product supports sales management, marketing management, order management and operations management. An information disclosure vulnerability exists in SAP Commerce versions 1808, 1811, 1905, 2005, and 2011. An...

CVSS 6.5 | AI score 5.6 | EPSS 0.00184
Exploits 0 | References 3

CNVD
added 2020/11/11 12:0 a.m. | 1 view

SAP Commerce Cloud Denial of Service Vulnerability

SAP Commerce Cloud is a cloud-native omnichannel commerce solution for B2B, B2C and B2B2C companies. A denial of service vulnerability exists in SAP Commerce Cloud 1808, 1811, 1905, 2005. An attacker could exploit this vulnerability by submitting a specially crafted request to a specific SAP...

CVSS 7.5 | AI score 6.7 | EPSS 0.01178
Exploits 0 | References 1

OSV
added 2020/11/10 5:15 p.m. | 0 views

CVE-2020-26810

SAP Commerce Cloud Accelerator Payment Mock, versions - 1808, 1811, 1905, 2005, allows an unauthenticated attacker to submit a crafted request over a network to a particular SAP Commerce module URL which will be processed without further interaction, the crafted request can render the SAP Commerc...

CVSS 7.5 | AI score 7.1 | EPSS 0.01178
Exploits 0 | References 2

Prion
added 2020/10/15 2:15 a.m. | 24 views

Session fixation

SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several web applications that maintain sessions with a user. These sessions are established after the user has authenticated with username/passphrase credentials. The user can change their own passphrase, but this does not invalidate...

CVSS 4.9 | AI score 4.7 | EPSS 0.0021
Exploits 0 | References 2 | Affected Software 1

Prion
added 2020/04/14 7:15 p.m. | 14 views

Authorization

SAP Commerce, versions 1811, 1905, does not perform necessary authorization checks for an anonymous user, due to Missing Authorization Check. This affects confidentiality of secure media...

CVSS 5 | AI score 5.3 | EPSS 0.00248
Exploits 0 | References 2 | Affected Software 1

Positive Technologies
added 2020/04/14 12:0 a.m. | 1 view

PT-2020-19034 · Sap · Sap Commerce

Name of the Vulnerable Software and Affected Versions: SAP Commerce versions 6.6, 6.7, 1808, 1811, 1905
Description: The issue is related to the insecure processing of XML input in the Rest API from the Servlet xyformsweb, leading to Missing XML Validation. This affects the confidentiality and...

CVSS 9.3 | AI score 9.1 | EPSS 0.00408
Exploits 0 | References 4