Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltechsw hcl commerce vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38656
HCL Commerce, when using Elasticsearch, can allow a remote malicious user to cause a denial of service attack on the site and make administrative changes.
Hcltechsw Hcl Commerce
NA
CVE-2021-27785
HCL Commerce's Remote Store server could allow a local malicious user to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.
Hcltechsw Hcl Commerce
1.9
CVSSv2
CVE-2021-27751
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible.
Hcltechsw Hcl Commerce
6.4
CVSSv2
CVE-2021-27741
" Security vulnerability in HCL Commerce Management Center allowing XML external entity (XXE) injection"
Hcltechsw Hcl Commerce
5
CVSSv2
CVE-2020-14274
Information disclosure vulnerability in HCL Commerce 9.0.1.9 up to and including 9.0.1.14 and 9.1 up to and including 9.1.4 could allow a remote malicious user to obtain user personal data via unknown vectors.
Hcltechsw Hcl Commerce
7.5
CVSSv2
CVE-2020-14275
Security vulnerability in HCL Commerce 9.0.0.5 up to and including 9.0.0.13, 9.0.1.0 up to and including 9.0.1.14 and 9.1 up to and including 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
Hcltechsw Hcl Commerce
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started