Security Advisory

CVE-2019-13026

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-30 19:39:25

Last updated 2024-08-04 23:41:09

Assigner mitre

State PUBLISHED

Description

OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary.

← Browse all CVEs View on cve.org ↗