CVE-2016-5072 in eShopИнформация

Сводка

по MITRE

OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Резервировать

26.05.2016

Раскрытие

09.04.2017

Модерация

принято

Вход

VDB-99521

CPE

готов

CWE

CWE-94 (Подтверждённый)

CVSS

8.8 (NVD)

EPSS

0.02040

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5072
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5072
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5072/

◂ Предыдущий Обзор Далее ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!