CVE-2019-13026

OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary.
References
Configurations

Configuration 1

cpe:2.3:a:oxid-esales:eshop:*:*:*:*:*:*:*:*
cpe:2.3:a:oxid-esales:eshop:*:*:*:*:*:*:*:*

Information

Published : 2019-07-30 08:15

Updated : 2019-08-07 03:10


NVD link : CVE-2019-13026

Mitre link : CVE-2019-13026

Products Affected
No products.
CWE