PT-2009-5440 · Oxid · Oxid Eshop

Published

2009-09-09

Updated

2009-09-10

CVE-2009-3113

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: OXID eShop versions prior to 4.1.2 OXID eShop versions 3.x OXID eShop versions 2.x

Description: The issue allows remote attackers to gain write access to product reviews via a crafted parameter.

Recommendations: For versions prior to 4.1.2, update to version 4.1.2 or later. For versions 3.x, update to version 4.1.2 or later. For versions 2.x, update to version 4.1.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-3113

Affected Products

Oxid Eshop

PT-2009-5440 · Oxid · Oxid Eshop

CVE-2009-3113

Related Identifiers

Affected Products

References · 2