Total
72 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-29294 | 1 Adobe | 2 Commerce, Magento | 2024-11-21 | N/A | 4.3 MEDIUM |
| Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction. | |||||
| CVE-2023-1887 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 4.3 MEDIUM |
| Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1542 | 1 Answer | 1 Answer | 2024-11-21 | N/A | 5.4 MEDIUM |
| Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1541 | 1 Answer | 1 Answer | 2024-11-21 | N/A | 3.8 LOW |
| Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-0565 | 1 Froxlor | 1 Froxlor | 2024-11-21 | N/A | 5.5 MEDIUM |
| Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10. | |||||
| CVE-2022-4719 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 9.8 CRITICAL |
| Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. | |||||
| CVE-2022-27782 | 3 Debian, Haxx, Splunk | 3 Debian Linux, Curl, Universal Forwarder | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. | |||||
| CVE-2022-1848 | 1 Erudika | 1 Para | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| Business Logic Errors in GitHub repository erudika/para prior to 1.45.11. | |||||
| CVE-2022-1155 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 6.5 MEDIUM | 7.4 HIGH |
| Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10. | |||||
| CVE-2022-0935 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | |||||
| CVE-2022-0746 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0. | |||||
| CVE-2022-0689 | 1 Microweber | 1 Microweber | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11. | |||||
| CVE-2022-0688 | 1 Microweber | 1 Microweber | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Business Logic Errors in Packagist microweber/microweber prior to 1.2.11. | |||||
| CVE-2022-0524 | 1 Publify Project | 1 Publify | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. | |||||
| CVE-2022-0514 | 1 Craterapp | 1 Crater | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5. | |||||
| CVE-2021-4171 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| calibre-web is vulnerable to Business Logic Errors | |||||
| CVE-2021-4146 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6. | |||||
| CVE-2021-4117 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| yetiforcecrm is vulnerable to Business Logic Errors | |||||
| CVE-2021-4111 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| yetiforcecrm is vulnerable to Business Logic Errors | |||||
| CVE-2021-36012 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item. | |||||