CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6926

The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://bugs.oxid-esales.com/view.php?id=6224
https://oxidforge.org/en/oxid-security-bulletin-2015-001.html
https://bugs.oxid-esales.com/view.php?id=6224
https://oxidforge.org/en/oxid-security-bulletin-2015-001.html

Products affected by CVE-2015-6926

Oxid-Esales » Eshop » Version: Any

cpe:2.3:a:oxid-esales:eshop:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6926

Products

Pricing

Contact Us