CVE-2009-3113

Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
oxideshop
𝑥
≤ 2.7.0.3
oxideshop
𝑥
≤ 3.0.4.1
oxideshop
4.0.0.0_13895:_13895
oxideshop
4.0.0.0_13895:_13895
oxideshop
4.0.0.0_13895:_13895
oxideshop
4.0.0.0_13934:_13934
oxideshop
4.0.0.0_13934:_13934
oxideshop
4.0.0.0_13934:_13934
oxideshop
4.0.0.0_14260:_14260
oxideshop
4.0.0.0_14260:_14260
oxideshop
4.0.0.0_14260:_14260
oxideshop
4.0.0.1_14455:_14455
oxideshop
4.0.0.1_14455:_14455
oxideshop
4.0.0.1_14455:_14455
oxideshop
4.0.0.2_14842:_14842
oxideshop
4.0.0.2_14842:_14842
oxideshop
4.0.0.2_14842:_14842
oxideshop
4.0.0.2_14967:_14967
oxideshop
4.0.0.2_14967:_14967
oxideshop
4.0.0.2_14967:_14967
oxideshop
4.0.1.0_15990:_15990
oxideshop
4.0.1.0_15990:_15990
oxideshop
4.0.1.0_15990:_15990
oxideshop
4.1.0-17976
oxideshop
4.1.0-17976
oxideshop
4.1.0-17976
oxideshop
4.1.1-18442
oxideshop
4.1.2-18998
oxideshop
4.1.2-18998
oxideshop
4.1.2-18998
oxideshop
4.1.3-19918
oxideshop
4.1.3-19918
oxideshop
4.1.3-19918
𝑥
= Vulnerable software versions
References
http://www.oxidforge.org/wiki/Security_bulletins/2009-002
http://www.oxidforge.org/wiki/Security_bulletins/2009-002