Vulnerability Details : CVE-2009-3112
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.
Products affected by CVE-2009-3112
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14842:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:community_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14842:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14967:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.1.0_15990:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13895:*:community_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14967:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.1.0_15990:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:community_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:community_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_14260:*:pro_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.0_13934:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.1_14455:*:enterprise_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:4.0.0.2_14842:*:community_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop:44.0.1.0_15990:*:community_edition:*:*:*:*:*
- cpe:2.3:a:oxidforge:oxid_eshop4.0.0.2_14967:*:community_edition:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-3112
0.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-3112
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2009-3112
-
http://www.oxidforge.org/wiki/Security_bulletins/2009-001
Patch;Vendor Advisory
Jump to