26 matches found
EUVD-2023-40589
Malicious code in bioql PyPI...
EUVD-2023-40587
Malicious code in bioql PyPI...
EUVD-2023-40588
Malicious code in bioql PyPI...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36644
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...
CVE-2023-36644
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36644
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36644
CVE-2023-36644 affects ITB-GmbH TradePro v9.5. The issue stems from Incorrect Access Control in the printmail plugin, enabling remote attackers to retrieve all order confirmations from the online shop. Connected sources corroborate the affected product (TradePro v9.5) and the vulnerability class ...
CVE-2023-36645
The CVE-2023-36645 entry concerns ITB-GmbH TradePro v9.5 with a SQL injection via the oordershow component in the customer function. Connected PT-2024-12574 details show the root cause as an access-control weakness allowing remote exploitation to execute SQL queries. Affects ITB-GmbH TradePro 9.5...
ITB-GmbH TradePro 安全漏洞
ITB-GmbH TradePro is a complete B2B e-shop from ITB-GmbH. A security vulnerability exists in ITB-GmbH TradePro version v9.5, which stems from incorrect access control. A remote attacker uses the vulnerability to receive all order confirmations from the online store via the printmail plugin...
CVE-2023-36644
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...
CVE-2023-36644
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...