Sap Commerce Vulnerabilities

CSRF Vulnerability in SAP Commerce Authentication Cookies

CVE-2025-24875

SAPSAP Commerce6.8MEDIUM

Clickjacking Vulnerability in SAP Commerce Backoffice

CVE-2025-24874

SAPSAP Commerce (backoffice)6.8MEDIUM

Information Disclosure Vulnerability in SAP Commerce Cloud Assisted Service Module

CVE-2024-47577

SAPSAP Commerce Cloud2.7LOW

SAP Commerce Backoffice vulnerable to XSS

CVE-2024-45278

SAPSAP Commerce Backoffice5.4MEDIUM

SAP Commerce Customer Registration and Login Processes

CVE-2024-41733

SAPSAP Commerce5.3MEDIUM

SAP Commerce Backoffice Unsecured User-Controlled Inputs Lead to Cross-Site Scripting (XSS) Vulnerability

CVE-2024-41735

SAPSAP Commerce Backoffice5.4MEDIUM

OCC API Endpoints Vulnerable to PII Data Exposure

CVE-2024-33003

SAPSAP Commerce Cloud9.1CRITICAL

SAP Commerce Vulnerability: Misuse of Forgotten Password Functionality Can Grant Access to Non-Isolated Sites

CVE-2024-39597

SAPSAP Commerce7.2HIGH

Improper Access Control vulnerability in SAP Commerce Cloud

CVE-2023-42481

SAPSAP Commerce Cloud8.1HIGH

Information Disclosure vulnerability in SAP Commerce (OCC API)

CVE-2023-37486

SAPSAP Commerce (occ Api)5.9MEDIUM

SAP Commerce accepts empty passphrases.

CVE-2023-39439

SAPSAP Commerce9.8CRITICAL

Remote Code Injection Vulnerability in SAP Commerce

CVE-2022-41204

SAPSAP Commerce8.8HIGH

SQL Injection Vulnerability in SAP Commerce Products by SAP

CVE-2021-42064

SAPSAP Commerce9.8CRITICAL

Privilege Escalation Vulnerability in SAP Commerce by SAP

CVE-2021-40502

SAPSAP Commerce8.8HIGH

MIME Sniffing Vulnerability in SAP Commerce Cloud JavaScript Storefront

CVE-2021-33666

SAPSAP Commerce Cloud4.7MEDIUM

Information Disclosure Vulnerability in SAP Commerce Backoffice Search

CVE-2021-27619

SAPSAP Commerce (backoffi...6.5MEDIUM

Remote Code Execution in SAP Commerce Backoffice Application

CVE-2021-27602

SAPSAP Commerce9.9CRITICAL

Remote Code Execution Vulnerability in SAP Commerce Cloud

CVE-2021-21477

SAPSAP Commerce9.9CRITICAL

Improper Input Validation in SAP Commerce Cloud

CVE-2021-21445

SAPSAP Commerce Cloud5.4MEDIUM

Denial of Service Vulnerability in SAP Commerce Cloud by SAP

CVE-2020-26810

SAPSAP Commerce Cloud (ac...7.5HIGH

Server Side Request Forgery in SAP Commerce Cloud Accelerators

CVE-2020-26811

SAPSAP Commerce Cloud (ac...5.3MEDIUM

Authentication Bypass Vulnerability in SAP Commerce Cloud

CVE-2020-26809

SAPSAP Commerce Cloud5.3MEDIUM

Insufficient Session Expiration in SAP Commerce Cloud

CVE-2020-6363

SAPSAP Commerce Cloud4.6MEDIUM

Cross-Site Scripting Vulnerability in SAP Commerce Cloud

CVE-2020-6272

SAPSAP Commerce Cloud5.4MEDIUM

Session Management Vulnerability in SAP Commerce Software

CVE-2020-6302

SAPSAP Commerce6.4MEDIUM

Vulnerability Published:

Sort By:

11 February 2025

CSRF Vulnerability in SAP Commerce Authentication Cookies

Clickjacking Vulnerability in SAP Commerce Backoffice

10 December 2024

Information Disclosure Vulnerability in SAP Commerce Cloud Assisted Service Module

8 October 2024

SAP Commerce Backoffice vulnerable to XSS

13 August 2024

SAP Commerce Customer Registration and Login Processes

SAP Commerce Backoffice Unsecured User-Controlled Inputs Lead to Cross-Site Scripting (XSS) Vulnerability

OCC API Endpoints Vulnerable to PII Data Exposure

9 July 2024

SAP Commerce Vulnerability: Misuse of Forgotten Password Functionality Can Grant Access to Non-Isolated Sites

12 December 2023

Improper Access Control vulnerability in SAP Commerce Cloud

8 August 2023

Information Disclosure vulnerability in SAP Commerce (OCC API)

SAP Commerce accepts empty passphrases.

11 October 2022

Remote Code Injection Vulnerability in SAP Commerce

14 December 2021

SQL Injection Vulnerability in SAP Commerce Products by SAP

10 November 2021

Privilege Escalation Vulnerability in SAP Commerce by SAP

9 June 2021

MIME Sniffing Vulnerability in SAP Commerce Cloud JavaScript Storefront

11 May 2021

Information Disclosure Vulnerability in SAP Commerce Backoffice Search

13 April 2021

Remote Code Execution in SAP Commerce Backoffice Application

9 February 2021

Remote Code Execution Vulnerability in SAP Commerce Cloud

12 January 2021

Improper Input Validation in SAP Commerce Cloud

10 November 2020

Denial of Service Vulnerability in SAP Commerce Cloud by SAP

Server Side Request Forgery in SAP Commerce Cloud Accelerators

Authentication Bypass Vulnerability in SAP Commerce Cloud

15 October 2020

Insufficient Session Expiration in SAP Commerce Cloud

Cross-Site Scripting Vulnerability in SAP Commerce Cloud

9 September 2020

Session Management Vulnerability in SAP Commerce Software