CyberSec.Space Logo
CVEブラウザに戻る

CVE-2003-0509

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0510%
EPSS Percentile29.57th
Published2003年8月7日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp.

Affected Platforms (CPE)

📦
Cyberstrong

Eshop

<= 4.2

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=105709450711395&w=2
🔗 http://secunia.com/advisories/9165
🔗 http://securitytracker.com/id?1007092
🔗 http://www.osvdb.org/10098
🔗 http://www.osvdb.org/10099
🔗 http://www.osvdb.org/10100
🔗 http://www.securityfocus.com/bid/14101
🔗 http://www.securityfocus.com/bid/14103

関連する脆弱性情報

CVE-2009-311210.0

Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to ga...

CVE-2019-130269.8

OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker...

CVE-2019-170628.8

An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x before 6.1.5, OXID eShop Enterprise Edition Version 5.2.x-5.3.x, ...

CVE-2016-07698.8

Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrator...