cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-0322,https://securityvulnerability.io/vulnerability/CVE-2019-0322,,"SAP Commerce Cloud (previously known as SAP Hybris Commerce), (HY_COM, versions 6.3, 6.4, 6.5, 6.6, 6.7, 1808, 1811), allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.",SAP,SAP Commerce Cloud (ex SAP Hybris Commerce) (hy Com),7.5,HIGH,0.004040000028908253,false,false,false,false,,false,false,2019-07-10T19:00:32.000Z,0
CVE-2019-0238,https://securityvulnerability.io/vulnerability/CVE-2019-0238,,"SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.",SAP,SAP Commerce (ex. SAP Hybris Commerce),6.1,MEDIUM,0.0010300000431016088,false,false,false,false,,false,false,2019-01-08T20:00:00.000Z,0
CVE-2018-2505,https://securityvulnerability.io/vulnerability/CVE-2018-2505,,"SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts that are based on the product. Fixed in versions (SAP Hybris Commerce, versions 6.2, 6.3, 6.4, 6.5, 6.6, 6.7).",SAP,SAP Commerce (SAP Hybris Commerce),6.1,MEDIUM,0.0010499999625608325,false,false,false,false,,false,false,2018-12-11T23:00:00.000Z,0
CVE-2018-2463,https://securityvulnerability.io/vulnerability/CVE-2018-2463,,"The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.",SAP,SAP Hybris Commerce,8.6,HIGH,0.001560000004246831,false,false,false,false,,false,false,2018-09-11T15:00:00.000Z,0