Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x before 5.1.4, and Community Edition before 4.7.11 and 4.8.x before 4.8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OXID eShop 安全漏洞
Vulnerability Description
OXID eSales OXID eShop是德国OXID eSales公司的一套电子商务内容管理系统。该系统包括B2C、B2B等模块。 OXID eSales OXID eShop中存在HTTP响应拆分漏洞,该漏洞源于程序没有正确过滤用户提交的输入。远程攻击者可利用该漏洞注入任意的包头,并执行HTTP响应拆分攻击。以下版本受到影响:OXID eSales OXID eShop Professional Edition 4.7.11之前的版本,4.8.4之前的4.8.x版本,Enterprise Edit
CVSS Information
N/A
Vulnerability Type
N/A