Vulnerabilities > Oxidforge > Oxid Eshop

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-5072 Code Injection vulnerability in Oxidforge Oxid Eshop
OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class.
network
low complexity
oxidforge CWE-94
6.5
6.5
2009-09-09 CVE-2009-3112 Unspecified vulnerability in Oxidforge Oxid Eshop and Oxid Eshop4.0.0.2 14967
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.
network
low complexity
oxidforge
critical
 10.0
10