CVE-2016-5072

Published: 10/04/2017 Updated: 14/04/2017
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

OXID eShop prior to 2016-06-13 allows remote malicious users to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9.

Vulnerable Product

oxidforge oxid eshop

Github Repositories

Quickfix applier against security issue 2016-001

patcher-2016-001: Quickfix applier against security issue 2016-001. Helps to fix the following: today, OXID eShop versions 4.8.12 and 5.1.12 as well as 4.9.9 and 5.2.9 were published. They contain an important fix for a very certain security issue CVE-2016-5072 (cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5072). Please update your installation as s