Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-2347: Akilli Commerce E-Commerce Website Session Hijacking Risk
CVE-2026-2347
Summary
A security weakness in Akilli Commerce's E-Commerce Website allows an attacker to access a customer's session, potentially allowing them to make unauthorized purchases or changes. This affects versions of the website prior to 4.5.001. To protect your customers, update to the latest version of the website as soon as possible.
Original title
Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking.
This issue affects E-Commerce Website:...
Original description
Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking.
This issue affects E-Commerce Website: before 4.5.001.
This issue affects E-Commerce Website: before 4.5.001.
nvd CVSS3.1
9.8
Vulnerability type
CWE-639
Authorization Bypass Through User-Controlled Key
Published: 14 May 2026 · Updated: 23 May 2026 · First seen: 14 May 2026