Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2009-3113

Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.

Published: Sep 9, 2009
Updated: Nov 9, 2025
CVE: CVE-2009-3113
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oxid / eshop	4.0.0.0_13895	4.0.0.0_13895.x
oxid / eshop	4.0.0.0_14260	4.0.0.0_14260.x
oxid / eshop	4.0.0.2_14967	4.0.0.2_14967.x
oxid / eshop	4.0.1.0_15990	4.0.1.0_15990.x
oxid / eshop	4.1.2-18998	4.1.2-18998.x
oxid / eshop	4.1.1-18442	4.1.1-18442.x
oxid / eshop	4.1.0-17976	4.1.0-17976.x
oxid / eshop	4.0.0.2_14842	4.0.0.2_14842.x
oxid / eshop	4.0.0.0_13934	4.0.0.0_13934.x
oxid / eshop	4.0.0.1_14455	4.0.0.1_14455.x
oxid / eshop	-	2.7.0.3.x
oxid / eshop	4.1.3-19918	4.1.3-19918.x
oxid / eshop	-	3.0.4.1.x

http://www.oxidforge.org/wiki/Security_bulletins/2009-002

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo