Lucene search
K

6 matches found

CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

BankPro E-Service Service Center 安全漏洞

The BankPro E-Service Service Center is a digital banking service management platform provided by BankPro E-Service in Taiwan, China. There is a security vulnerability in the BankPro E-Service Service Center. This vulnerability stems from insecure direct object references, which may allow...

7.1CVSS5.8AI score0.00259EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/19 7:29 a.m.6 views

CVE-2025-12075

The Order Splitter for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wostroubleshooting' AJAX endpoint in all versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.5AI score0.00221EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.11 views

PT-2026-20220

Name of the Vulnerable Software and Affected Versions Order Splitter for WooCommerce plugin for WordPress versions up to and including 5.3.5 Description The Order Splitter for WooCommerce plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability...

4.3CVSS5.4AI score0.00221EPSS
Exploits0References4
NVD
NVD
added 2026/01/12 8:15 p.m.5 views

CVE-2023-36331

Incorrect access control in the /member/orderList API of xmall v1.1 allows attackers to arbitrarily access other users' order details via manipulation of the query parameter userId...

8.2CVSS0.00206EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/05 12:0 a.m.2 views

Extreme CMS has a flawed logic vulnerability

Extreme CMS is an open source and free PHPCMS web content management system. Extreme CMS has a logic flaw vulnerability that can be exploited by attackers to overstep their rights to view other users' orders and product information...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/08/24 12:0 a.m.0 views

Heilongjiang Industrial Cloud Service Android APP has overstepping access vulnerability

Heilongjiang Industrial Cloud Service app is an office communication platform. Heilongjiang Industrial Cloud Service Android APP has an override access vulnerability. An attacker can utilize the vulnerability to arbitrarily view other users' order product information...

6.9AI score
Exploits0
Rows per page
Query Builder