VYPR
Unrated severityNVD Advisory· Published Sep 9, 2009· Updated Jun 16, 2026

CVE-2009-2266

CVE-2009-2266

Description

OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

34
  • Oxid/Eshop34 versions
    cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:community:*:*:*:*:*+ 33 more
    • cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_13895:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_13934:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.0_14260:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.1_14455:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.2_14842:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.0.2_14967:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.0.1.0_15990:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.0-17976:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.0-17976:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.0-17976:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.1-18442:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.2-18998:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.2-18998:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.2-18998:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.3-19918:*:community:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.3-19918:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:4.1.3-19918:*:professional:*:*:*:*:*
    • cpe:2.3:a:oxid:eshop:*:*:enterprise:*:*:*:*:*range: <=2.7.0.3
    • cpe:2.3:a:oxid:eshop:*:*:professional:*:*:*:*:*range: <=3.0.4.1
    • (no CPE)range: <=4.1.4-21266 (4.x before 4.1.4-21266; also 3.x, 2.x)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.