oxidforge oxid_eshop CVE Vulnerabilities (3)

CVEs: 3 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting oxidforge oxid_eshop (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2023-26260 OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial access of a customer's account by an attacker, due to an improper check of the user agent. [email protected] 5.4 0.36% 2023-04-11 2026-06-17
CVE-2016-5072 OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9. [email protected] 8.8 1.92% 2017-04-09 2026-06-16
CVE-2009-3112 Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter. [email protected] 10.0 1.99% 2009-09-09 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence