14 matches found
EUVD-2023-40589
Malicious code in bioql PyPI...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36645
The CVE-2023-36645 entry concerns ITB-GmbH TradePro v9.5 with a SQL injection via the oordershow component in the customer function. Connected PT-2024-12574 details show the root cause as an access-control weakness allowing remote exploitation to execute SQL queries. Affects ITB-GmbH TradePro 9.5...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
ITB-GmbH TradePro 安全漏洞
ITB-GmbH TradePro is a complete B2B e-shop from ITB-GmbH. A security vulnerability exists in ITB-GmbH TradePro version v9.5, which stems from incorrect access control. A remote attacker uses the vulnerability to receive all orders from the online store via the oordershow component in the customer...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
PT-2024-12572 · Itb Gmbh · Itb-Gmbh Tradepro
Name of the Vulnerable Software and Affected Versions: ITB-GmbH TradePro version 9.5 Description: The issue allows remote attackers to bypass access controls and receive all orders from the online shop. This is achieved via the oordershow component in the customer function. Recommendations: For...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
PT-2024-12574 · Itb Gmbh · Itb-Gmbh Tradepro
Name of the Vulnerable Software and Affected Versions: ITB-GmbH TradePro version 9.5 Description: The issue allows remote attackers to run SQL queries via the oordershow component in the customer function. This is a result of incorrect access control, enabling remote access. Recommendations: For...