CVE-2009-3112

EUVD-2009-3095
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
oxidforgeoxid_eshop
4.0.0.0_13895:_13895
oxidforgeoxid_eshop
4.0.0.0_13895:_13895
oxidforgeoxid_eshop
4.0.0.0_13895:_13895
oxidforgeoxid_eshop
4.0.0.0_13934:_13934
oxidforgeoxid_eshop
4.0.0.0_13934:_13934
oxidforgeoxid_eshop
4.0.0.0_13934:_13934
oxidforgeoxid_eshop
4.0.0.0_14260:_14260
oxidforgeoxid_eshop
4.0.0.0_14260:_14260
oxidforgeoxid_eshop
4.0.0.0_14260:_14260
oxidforgeoxid_eshop
4.0.0.1_14455:_14455
oxidforgeoxid_eshop
4.0.0.1_14455:_14455
oxidforgeoxid_eshop
4.0.0.1_14455:_14455
oxidforgeoxid_eshop
4.0.0.2_14842:_14842
oxidforgeoxid_eshop
4.0.0.2_14842:_14842
oxidforgeoxid_eshop
4.0.0.2_14842:_14842
oxidforgeoxid_eshop
4.0.0.2_14967:_14967
oxidforgeoxid_eshop
4.0.0.2_14967:_14967
oxidforgeoxid_eshop
4.0.1.0_15990:_15990
oxidforgeoxid_eshop
4.0.1.0_15990:_15990
oxidforgeoxid_eshop
44.0.1.0_15990:_15990
oxidforgeoxid_eshop4.0.0.2_14967
*
𝑥
= Vulnerable software versions
References
http://www.oxidforge.org/wiki/Security_bulletins/2009-001
http://www.oxidforge.org/wiki/Security_bulletins/2009-001