Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltechsw hcl commerce vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-14274
Information disclosure vulnerability in HCL Commerce 9.0.1.9 up to and including 9.0.1.14 and 9.1 up to and including 9.1.4 could allow a remote malicious user to obtain user personal data via unknown vectors.
Hcltechsw Hcl Commerce
7.5
CVSSv2
CVE-2020-14275
Security vulnerability in HCL Commerce 9.0.0.5 up to and including 9.0.0.13, 9.0.1.0 up to and including 9.0.1.14 and 9.1 up to and including 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
Hcltechsw Hcl Commerce
NA
CVE-2022-38656
HCL Commerce, when using Elasticsearch, can allow a remote malicious user to cause a denial of service attack on the site and make administrative changes.
Hcltechsw Hcl Commerce
NA
CVE-2021-27785
HCL Commerce's Remote Store server could allow a local malicious user to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.
Hcltechsw Hcl Commerce
6.4
CVSSv2
CVE-2021-27741
" Security vulnerability in HCL Commerce Management Center allowing XML external entity (XXE) injection"
Hcltechsw Hcl Commerce
1.9
CVSSv2
CVE-2021-27751
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible.
Hcltechsw Hcl Commerce
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started