Oxid: >> Eshop >> 4.0.0.0_13895 Security Vulnerabilities
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.
CVSS Score
5.0
EPSS Score
0.002
Published
2009-09-09
OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.
CVSS Score
5.0
EPSS Score
0.003
Published
2009-09-09