Every CVE whose affected-product data names Itb-pim Tradepro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-36645 — CVSS 9.1 (critical): SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer…
CVE-2023-36643 — CVSS 7.5 (high): Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow…
CVE-2023-36644 — CVSS 7.5 (high): Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the…