CVE-2016-5072

Name of the Vulnerable Software and Affected Versions OXID eShop versions prior to 5.1.12, 5.2.9, 4.8.12, and 4.9.9

Description The issue allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class.

Recommendations For versions prior to 5.1.12, update to Enterprise Edition v5.1.12. For versions prior to 5.2.9, update to Enterprise Edition v5.2.9. For versions prior to 4.8.12, update to Professional Edition v4.8.12 or Community Edition v4.8.12. For versions prior to 4.9.9, update to Professional Edition v4.9.9 or Community Edition v4.9.9.