CVE-2009-3112
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/09/2009
Last modified:
09/04/2025
Description
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:community_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:enterprise_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:pro_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:community_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:enterprise_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:pro_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:community_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:enterprise_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:pro_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:community_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:enterprise_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:pro_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14842:*:community_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14842:*:enterprise_edition:*:*:*:*:* | ||
| cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14842:*:pro_edition:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page