CVE-2009-2266

OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.0-17976:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.0-17976:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.0-17976:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.2-18998:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.2-18998:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.1-18442:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.2-18998:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:*:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.3-19918:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.3-19918:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:enterprise:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:community:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.1.3-19918:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:*:*:professional:*:*:*:*:*
cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:professional:*:*:*:*:*

Information

Published : 2009-09-09 10:30

Updated : 2009-09-09 21:00


NVD link : CVE-2009-2266

Mitre link : CVE-2009-2266


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

oxid

  • eshop