CVE-2023-38330

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack...

Oxid Esales OXID eShop 安全漏洞

Oxid Esales OXID eShop is an online e-commerce platform from Oxid Esales, Germany. A security vulnerability exists in OXID eShop versions 6.2.x through 6.4.4 and 6.5.x through 6.5.2, which stems from an incorrect check of the user agent...