Vulnerabilities > CVE-2017-8110 - XXE vulnerability in Modified-Shop Modified Ecommerce Shopsoftware 2.0.2.2

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
modified-shop
CWE-611
critical
NVD
Published: 2017-04-25
Updated: 2024-11-21

Summary

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php.

Vulnerable Configurations

Part Description Count
Application
Modified-Shop
1

Common Weakness Enumeration (CWE)

References