Lucene search
HistorySep 09, 2009 - 7:30 p.m.
CVE-2009-3112
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
76.1%
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.
Affected configurations
Node
oxidforgeoxid_eshopMatch4.0.0.0_13895community_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_13895enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_13895pro_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_13934community_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_13934enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_13934pro_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_14260community_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_14260enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.0.0_14260pro_edition
ORoxidforgeoxid_eshopMatch4.0.0.1_14455community_edition
ORoxidforgeoxid_eshopMatch4.0.0.1_14455enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.0.1_14455pro_edition
ORoxidforgeoxid_eshopMatch4.0.0.2_14842community_edition
ORoxidforgeoxid_eshopMatch4.0.0.2_14842enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.0.2_14842pro_edition
ORoxidforgeoxid_eshopMatch4.0.0.2_14967enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.0.2_14967pro_edition
ORoxidforgeoxid_eshopMatch4.0.1.0_15990enterprise_edition
ORoxidforgeoxid_eshopMatch4.0.1.0_15990pro_edition
ORoxidforgeoxid_eshopMatch44.0.1.0_15990community_edition
ORoxidforgeoxid_eshop4.0.0.2_14967community_edition
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oxidforge | oxid_eshop | 4.0.0.0_13895 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:community_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_13895 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:enterprise_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_13895 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:pro_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_13934 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:community_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_13934 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:enterprise_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_13934 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:pro_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_14260 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:community_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_14260 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:enterprise_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.0_14260 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:pro_edition:*:*:*:*:* |
| oxidforge | oxid_eshop | 4.0.0.1_14455 | cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:community_edition:*:*:*:*:* |
Related
openvas
openvas
OXID eShop Community Edition Privilege Escalation Vulnerability
2009-09-11 00:00:00
OXID eShop Community Edition 4.x < 4.1.0 Privilege Escalation Vulnerability
2009-09-11 00:00:00
cve
cve
CVE-2009-3112
2009-09-09 19:30:00
cvelist
cvelist
CVE-2009-3112
2009-09-09 19:00:00
prion
prion
Design/Logic Flaw
2009-09-09 19:30:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
76.1%
Related for NVD:CVE-2009-3112