Vulnerabilities > Oxid

DATE CVE VULNERABILITY TITLE RISK
2009-09-09 CVE-2009-3113 Unspecified vulnerability in Oxid Eshop
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.
network
low complexity
oxid
5.0
2009-09-09 CVE-2009-2266 Information Exposure vulnerability in Oxid Eshop
OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.
network
low complexity
oxid CWE-200
5.0
2008-12-10 CVE-2008-5405 Buffer Errors vulnerability in Oxid Cain and Abel 4.9.23/4.9.24
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
network
oxid CWE-119
critical
9.3
2005-05-02 CVE-2005-0807 Remote Heap Buffer Overflow vulnerability in Massimiliano Montoro Cain & Abel PSK Sniffer
Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
network
low complexity
oxid
7.5