Lucene search
K

6 matches found

Cvelist
Cvelist
added 2024/04/04 12:0 a.m.24 views

CVE-2023-36643

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...

7.5CVSS7.7AI score0.00659EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/04/04 12:0 a.m.15 views

CVE-2023-36645

SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...

9.1CVSS9.5AI score0.00872EPSS
Exploits1References1
CVE
CVE
added 2024/04/04 12:0 a.m.61 views

CVE-2023-36645

The CVE-2023-36645 entry concerns ITB-GmbH TradePro v9.5 with a SQL injection via the oordershow component in the customer function. Connected PT-2024-12574 details show the root cause as an access-control weakness allowing remote exploitation to execute SQL queries. Affects ITB-GmbH TradePro 9.5...

9.8CVSS9.4AI score0.00872EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/04 12:0 a.m.13 views

CVE-2023-36643

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...

7.5CVSS7.2AI score0.00659EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/04 12:0 a.m.33 views

CVE-2023-36644

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...

7.5CVSS7.7AI score0.00955EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/04/04 12:0 a.m.11 views

CVE-2023-36644

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...

7.5CVSS7AI score0.00955EPSS
Exploits1References1
Rows per page
Query Builder