Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Oxidforge Subscribe
Filtered by product Oxid Eshop
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5072 1 Oxidforge 1 Oxid Eshop 2017-04-14 6.5 MEDIUM 8.8 HIGH
OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9.
CVE-2009-3112 1 Oxidforge 2 Oxid Eshop, Oxid Eshop4.0.0.2 14967 2009-09-09 10.0 HIGH N/A
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.