Hclsoftware Aftermarket Epc

14 CVEs affecting Hclsoftware Aftermarket Epc. Latest disclosed: 2026-07-17. Critical: 0, High: 0.

Top CVEs affecting Hclsoftware Aftermarket Epc
CVESeverityScorePublishedSummary
CVE-2024-23566Medium6.52026-07-17HCL Aftermarket EPC is vulnerable to brute force attacks since application doesn’t have captcha implemented. It can lead to various security issues like brute…
CVE-2024-42214Medium5.32026-07-17HCL Aftermarket EPC is vulnerable to attack since HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are…
CVE-2024-23575Medium5.32026-07-17HCL Aftermarket EPC is vulnerable to attack since the application returns detailed error messages that leak information about the processing on the server. An…
CVE-2024-23574Medium5.32026-07-17HCL Aftermarket EPC is vulnerable to attack since It was found that a malicious actor can use brute-force techniques to either guess or confirm valid users in…
CVE-2024-23568Medium5.32026-07-17HCL Aftermarket EPC is vulnerable to attacks since the server software version used by the application is revealed by the web server. Displaying version inform…
CVE-2024-23565Medium5.32026-07-17HCL Aftermarket EPC is vulnerable to email flooding as the application does not have a proper mail limitation mechanism at Forget Password functionality. The a…
CVE-2024-23577Medium4.32026-07-17HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol…
CVE-2024-23571Medium4.32026-07-17HCL Aftermarket EPC is vulnerable to attack since the application does not have an appropriate caching policy specifying the extent to which the page and its f…
CVE-2024-23570Medium4.32026-07-17HCL Aftermarket EPC is affected by clickjacking vulnerability Cross-Frame Scripting is an attack technique where an attacker loads a vulnerable application in…
CVE-2024-23569Medium4.32026-07-17HCL Aftermarket EPC is vulnerable to attack since the server is not configured with “X-XSS-Protection" header
CVE-2024-23567Medium4.32026-07-17HCL Aftermarket EPC is affected by Sensitive Information in GET method & in URL which allows application to pass sensitive data via URL parameters during norma…
CVE-2024-23578Medium4.22026-07-17HCL Aftermarket EPC is vulnerable to attack as the application implements an HTML5 cross-origin resource sharing (CORS) policy for this request that allows acc…
CVE-2024-23572Medium4.22026-07-17HCL Aftermarket EPC is vulnerable to attack as cookie appears to contain a session token, which may increase the risk associated with this issue. You should re…
CVE-2024-23573Low3.72026-07-17HCL Aftermarket EPC is vulnerable to attack since the Application is vulnerable to Lucky 13. that makes the SS LLUCKY13 possible affects the TLS1.1and 1.2 and…