Every CVE whose affected-product data names Oxidforge Oxid Eshop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2009-3112 — CVSS 10.0 (critical): Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain…
CVE-2016-5072 — CVSS 8.8 (high): OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed…
CVE-2023-26260 — CVSS 5.4 (medium): OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial access of a customer's account by an…