RSS   Vulnerabilities for 'Eshop'   RSS

2009-09-09
 
CVE-2009-3113

CWE-noinfo
 

 
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.

 
 
CVE-2009-2266

CWE-200
 

 
OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.

 

 >>> Vendor: OXID 2 Products
Eshop
Cain and abel


Copyright 2024, cxsecurity.com

 

Back to Top