Tag
CVE-2026-2347 - Akilli Commerce E-Commerce Website Authorization Bypass via User-Controlled Key
1 rule 1 TTP 1 CVE
CVE-2026-2347 describes an authorization bypass vulnerability through a user-controlled key in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website before version 4.5.001, which could lead to session hijacking.
Systempay 1.0 Weak Crypto Allows Payment Signature Forging (CVE-2020-37168)
2 rules 1 TTP 1 CVE
Systempay 1.0 contains a weak cryptographic implementation vulnerability (CVE-2020-37168) allowing attackers to brute-force the production secret key, forge payment signatures, and manipulate transaction amounts.
Adobe Commerce Stored XSS Vulnerability (CVE-2026-34686)
2 rules 2 TTPs 1 CVE
Adobe Commerce versions 2.4.9-beta1 and earlier are susceptible to a stored Cross-Site Scripting (XSS) vulnerability (CVE-2026-34686) that allows low-privileged attackers to inject malicious scripts into form fields, leading to potential account compromise.
Adobe Commerce Incorrect Authorization Vulnerability (CVE-2026-34646)
2 rules 2 TTPs 1 CVE
Adobe Commerce versions 2.4.9-beta1 and earlier are vulnerable to an Incorrect Authorization issue (CVE-2026-34646) that allows attackers to bypass security features and gain unauthorized write access without user interaction.
SourceCodester E-Commerce Site SQL Injection Vulnerability (CVE-2026-4613)
2 rules 1 TTP
A remote SQL injection vulnerability (CVE-2026-4613) exists in SourceCodester E-Commerce Site 1.0 within the /products.php file due to improper input sanitization of the 'Search' argument, potentially allowing attackers to read or modify sensitive database information.