VYPR

OXID eShop Professional Edition

by Oxid

CVEs (2)

  • CVE-2014-2017MedJan 18, 2018
    risk 0.43cvss 6.1epss 0.02

    CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x before 5.1.4, and Community Edition before 4.7.11 and 4.8.x before 4.8.4 allows remote attackers to inject arbitrary HTTP headers and…

  • CVE-2014-4919MedJan 19, 2018
    risk 0.35cvss 5.4epss 0.01

    OXID eShop Professional Edition before 4.7.13 and 4.8.x before 4.8.7, Enterprise Edition before 5.0.13 and 5.1.x before 5.1.7, and Community Edition before 4.7.13 and 4.8.x before 4.8.7 allow remote attackers to assign users to arbitrary dynamical user groups.