Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and 2.0.0 before 2.0.1 for OXID eShop. An attacker can bypass delivery-address change detection if the payment module doesn't use eShop's checkout procedure properly. To do so, the attacker must change the delivery address to one that is not verified by the Paymorrow module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OXID eSales OXID eShop Paymorrow模块安全漏洞
Vulnerability Description
OXID eSales OXID eShop是德国OXID eSales公司的一套电子商务内容管理系统。该系统包括B2C、B2B等模块。Paymorrow module是其中的一个支付模块。 OXID eSales OXID eShop的Paymorrow模块1.0.2之前的1.0.0版本和2.0.1之前的2.0.0版本中存在安全漏洞,该漏洞源于payment模块没有正确地使用eShop的结账步骤。攻击者可利用该漏洞修改收货地址。
CVSS Information
N/A
Vulnerability Type
N/A