| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-42481 | Improper Access Control vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | High | 8.1 | 2023-12-12 01:00:19 | Deep Dive |
| CVE-2023-6120 | Welcart e-Commerce <= 2.9.6 - Authenticated (Administrator+) Directory Traversal | uscnanbu | Welcart e-Commerce | Medium | 4.1 | 2023-12-09 06:52:00 | Deep Dive |
| CVE-2023-5951 | Welcart e-Commerce < 2.9.5 - Reflected XSS | Unknown | Welcart e-Commerce | - | - | 2023-12-04 21:28:42 | Deep Dive |
| CVE-2023-5953 | Welcart e-Commerce < 2.9.5 - Subscriber+ Arbitrary File Upload | Unknown | Welcart e-Commerce | - | - | 2023-12-04 21:28:03 | Deep Dive |
| CVE-2023-5952 | Welcart e-Commerce < 2.9.5 - Unauthenticated PHP Object Injection | Unknown | Welcart e-Commerce | - | - | 2023-12-04 21:27:55 | Deep Dive |
| CVE-2023-4406 | XSS in KC Group's E-Commerce Software | KC Group | E-Commerce Software | Medium | 6.1 | 2023-11-23 09:37:10 | Deep Dive |
| CVE-2023-46642 | WordPress SAHU TikTok Pixel for E-Commerce Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS) | sahumedia | SAHU TikTok Pixel for E-Commerce | 中危 | - | 2023-11-08 16:19:50 | Deep Dive |
| CVE-2023-37532 | A path traversal vulnerability affects HCL Commerce | HCL Software | HCL Commerce | Medium | 5.8 | 2023-10-23 16:34:28 | Deep Dive |
| CVE-2023-22029 | Oracle Commerce 安全漏洞 | Oracle Corporation | Commerce Guided Search / Oracle Commerce Experience Manager | Medium | 6.1 | 2023-10-17 21:02:49 | Deep Dive |
| CVE-2023-38251 | Adobe Commerce | Uncontrolled Resource Consumption (CWE-400) | Adobe | Adobe Commerce | Medium | 5.3 | 2023-10-13 06:15:21 | Deep Dive |
| CVE-2023-38219 | Validate Your Inputs | Cross-site Scripting (Stored XSS) (CWE-79) - Customer to Admin stored XSS with Gift wrapping | Adobe | Adobe Commerce | High | 8.7 | 2023-10-13 06:15:15 | Deep Dive |
| CVE-2023-38220 | Full page cache enumeration via cookie X-Magento-Vary | Adobe | Adobe Commerce | High | 7.5 | 2023-10-13 06:15:13 | Deep Dive |
| CVE-2023-26367 | Error based file extraction via PHP filter chains during product bulk import logic | Adobe | Adobe Commerce | Medium | 4.9 | 2023-10-13 06:15:12 | Deep Dive |
| CVE-2023-26366 | Validate Your Inputs | Server-Side Request Forgery (SSRF) (CWE-918) | Adobe | Adobe Commerce | Medium | 6.8 | 2023-10-13 06:15:11 | Deep Dive |
| CVE-2023-38218 | Incorrect Authorization - Customer account takeover | Adobe | Adobe Commerce | High | 8.8 | 2023-10-13 06:15:10 | Deep Dive |
| CVE-2023-38250 | Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | Adobe | Adobe Commerce | High | 8.0 | 2023-10-13 06:15:09 | Deep Dive |
| CVE-2023-38249 | Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | Adobe | Adobe Commerce | High | 8.0 | 2023-10-13 06:15:08 | Deep Dive |
| CVE-2023-38221 | Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) | Adobe | Adobe Commerce | High | 8.0 | 2023-10-13 06:15:06 | Deep Dive |
| CVE-2023-41858 | WordPress Order Delivery Date for WP e-Commerce Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF) | Ashok Rane | Order Delivery Date for WP e-Commerce | Medium | 4.3 | 2023-10-10 08:50:47 | Deep Dive |
| CVE-2023-41859 | WordPress Order Delivery Date for WP e-Commerce Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS) | Ashok Rane | Order Delivery Date for WP e-Commerce | Medium | 5.9 | 2023-10-02 08:49:27 | Deep Dive |