VYPR
Unrated severityNVD Advisory· Published Jan 15, 2019· Updated Aug 5, 2024

CVE-2018-20715

CVE-2018-20715

Description

The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL injection via the oxid or synchoxid parameter to the oxConfig::getRequestParameter() method in core/oxconfig.php.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.