Security


Security Bulletin 2017-001

CVE-2017-12415: Under certain pre-conditions an attacker would be able to hijack the cart session of a client via a Cross-Site Request Forgery (CSRF).

PHPMailer < 5.2.21 Remote Code Execution: OXID eShop is safe!

In PHPMailer, which is used in OXID eShop, the security issue CVE-2016-10033 was found. OXID eShop is safe. Please read how to update anyway if you wish.

Security Bulletin 2016-001

CVE-2016-5072: By sending specially crafted HTTP POST or HTTP GET requests to the oxuser class, an attacker can gain administrative access to OXID eShop via the storefront.

Security Bulletin 2015-001

CVE-2015-6926: An attacker can deploy his own OpenID Identity Provider (IdP) issuing valid OpenID authentication tokens (OpenID supports the usage of arbitrary IdPs). The attacker’s IdP can issue tokens containing any email address within the token (this feature is allowed by the OpenID specification).

Security Bulletin 2014-003

CVE-2014-4919: It has been found that in OXID eShop, all editions and all former versions, a user can be assigned to any user group, except the admin group, without admin confirmation.

Security Bulletin 2014-002

CVE-2014-2017: An HTTP response splitting vulnerability has been found in OXID eShop, all editions and all former versions.

Security Bulletin 2014-001

CVE-2014-2016: Under certain circumstances, an attacker can trick a user into entering a specially crafted URI or clicking on a malformed link to exploit a cross-site scripting vulnerability that theoretically can be used to gain unauthorized access to a user account or collect this user's sensitive information.

Security Bulletin 2013-001

CVE-2013-5913: Under certain circumstances, an attacker can trick a user into entering a specially crafted URI or clicking on a malformed link to exploit a cross-site scripting vulnerability that theoretically can be used to gain unauthorized access to a user account or collect this user's sensitive information.

Security Bulletin 2011-004

When the admin panel uses SSL, in some rare cases non-SSL links are still used for data transfer. This may lead to a possible “man in the middle” attack.

Security Bulletin 2011-003

By requesting specially crafted URLs, a new cache entry is created for each requested page, so in a DoS attack the server may run out of resources (disk or memory).

Security Bulletin 2011-002

In some special cases, when several users are working in the same place in the eShop frontend, it is possible to capture another user's session.