CVE-2016-5072
N/A
N/A
Summary
OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | OXID eShop before 2016-06-13 | OXID eShop before 2016-06-13 | affected |
Weaknesses
- RCE
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.