CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...

7.5CVSS7AI score0.00955EPSS

Exploits1

NVD•added 2024/04/04 9:15 a.m.•13 views

CVE-2023-36645

SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...

9.8CVSS9.5AI score0.00872EPSS

Exploits1References1

NVD•added 2024/04/04 9:15 a.m.•13 views

CVE-2023-36643

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...

7.5CVSS7.5AI score0.00659EPSS

Exploits1References1

Vulnrichment•added 2024/04/04 12:0 a.m.•13 views

CVE-2023-36645

SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...

9.1CVSS9.5AI score0.00872EPSS

Exploits1References1

Vulnrichment•added 2024/04/04 12:0 a.m.•12 views

CVE-2023-36643

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...

7.5CVSS7.2AI score0.00659EPSS

Exploits1References1

CNNVD•added 2024/04/04 12:0 a.m.•2 views

ITB-GmbH TradePro 安全漏洞

ITB-GmbH TradePro is a complete B2B e-shop from ITB-GmbH. A security vulnerability exists in ITB-GmbH TradePro version v9.5, which stems from incorrect access control. A remote attacker uses the vulnerability to receive all orders from the online store via the oordershow component in the customer...

7.5CVSS6.8AI score0.00659EPSS

Exploits1References2

CVE•added 2024/04/04 12:0 a.m.•55 views

CVE-2023-36644

CVE-2023-36644 affects ITB-GmbH TradePro v9.5. The issue stems from Incorrect Access Control in the printmail plugin, enabling remote attackers to retrieve all order confirmations from the online shop. Connected sources corroborate the affected product (TradePro v9.5) and the vulnerability class ...

7.5CVSS7.5AI score0.00955EPSS

Exploits1References1Affected Software1

CVE•added 2024/04/04 12:0 a.m.•56 views

CVE-2023-36645

The CVE-2023-36645 entry concerns ITB-GmbH TradePro v9.5 with a SQL injection via the oordershow component in the customer function. Connected PT-2024-12574 details show the root cause as an access-control weakness allowing remote exploitation to execute SQL queries. Affects ITB-GmbH TradePro 9.5...

9.8CVSS9.4AI score0.00872EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2024/04/04 12:0 a.m.•9 views

CVE-2023-36644

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...

7.5CVSS7AI score0.00955EPSS

Exploits1References1

Cvelist•added 2024/04/04 12:0 a.m.•21 views

CVE-2023-36643

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...

7.5CVSS7.7AI score0.00659EPSS

Exploits1References1

Cvelist•added 2024/04/04 12:0 a.m.•17 views

CVE-2023-36645

SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...

9.1CVSS9.7AI score0.00872EPSS

Exploits1References1

Cvelist•added 2024/04/04 12:0 a.m.•16 views

CVE-2023-36644

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...

7.5CVSS7.7AI score0.00955EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by