Vulnerability Details: CVE-2009-3113
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.
Exploit prediction scoring system (EPSS) score for CVE-2009-3113
Probability of exploitation activity in the next 30 days: 0.13%
Percentile, the proportion of vulnerabilities that are scored at or less: ~46%
CVSS scores for CVE-2009-3113
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST |
References for CVE-2009-3113
- http://www.oxidforge.org/wiki/Security_bulletins/2009-002 (Vendor Advisory)
Products affected by CVE-2009-3113
- cpe:2.3:a:oxid:eshop:*:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:*:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.0-17976:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.0-17976:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.0-17976:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.2-18998:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.2-18998:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.3-19918:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:enterprise:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.1-18442:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.2-18998:*:community:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.3-19918:*:professional:*:*:*:*:*
- cpe:2.3:a:oxid:eshop:4.1.3-19918:*:community:*:*:*:*:*