Vulnerabilities > Oxid > Eshop > 4.0.0.0.13895
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-09 | CVE-2009-3113 | Unspecified vulnerability in Oxid Eshop Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter. | 5.0 |
2009-09-09 | CVE-2009-2266 | Information Exposure vulnerability in Oxid Eshop OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie. | 5.0 |