CVE-2013-5913

Published Oct 15, 2013

Last updated 7 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition 5.x before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via the searchrecomm parameter.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE9C5630-2C41-4EB2-A6A4-F61FE2B957AE",
            "versionEndIncluding": "4.6.6"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DE5865B-A265-42D7-BFD0-310C554F6DB1"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81D2CB2F-E93F-4F9D-99BE-1B430F72FFC0"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFD5460E-8235-4234-B1A5-F4842F65CD11"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F393BDB8-7337-4EB8-B368-E018601FD503"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8BD3E8D-8564-4F4E-926D-43870EF59666"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BAE1D70-822F-4B6B-8BFD-0E5900C66DF8"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.0:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA503436-DE08-458E-83E1-FF2D82A5E85B"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.0:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F8289FD-5873-46D4-887B-F0AD5CE651BA"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.1:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7966E2B6-817E-4DA6-A8EE-92BC51BAB344"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.1:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "600E8455-64CE-456B-9CC5-656F1D25157D"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.2:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F3E6A10-CAB8-42D4-9DDF-D5004BEA7B0F"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.2:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C822195C-A811-4515-8EFF-13EC1553BAF2"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.3:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB1F5ADE-85A3-4258-98E6-C14109183B33"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.3:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B444D305-1F76-4580-99CD-25C58DA3288D"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.4:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BA4DA25-4B92-42E9-A746-99EF85E87A91"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.4:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B113034B-D07E-4CD0-AF66-5F4947174534"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.5:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "550436CB-6CA5-4398-B9EE-535106D297F9"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.5:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5172A1E1-566E-498D-87DE-2E1A62ACE04C"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.6:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "771BBA21-C841-4EA8-967B-C9057FF913C2"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.6:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B71186B-8FC0-434E-BF46-3AAB76719D44"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.7:*:*:*:community:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88C6DFA3-6920-40B2-9180-168A26A032C9"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:4.7.7:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34F6F68F-816B-4DB5-92A1-C953424A5F7E"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.0:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "351D61AB-F4D1-405D-B157-1FB82A361AE6"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.1:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2414B427-E6FD-4432-8742-322D40130F84"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.2:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D5EA970-9FAC-42CE-A4CB-7C7644575114"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.3:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FE4411A-5C9C-4AC8-AF72-E84F8BFED749"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.4:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD5614B8-C58D-4269-AF0E-70649271D766"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.5:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8FEC946-BB4E-45A2-ABCF-A32A3DCE531A"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.6:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE8F71C5-47CD-4420-8AD4-A52FD89FEAEF"
          },
          {
            "criteria": "cpe:2.3:a:oxid-esales:eshop:5.0.7:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73DA724A-6C57-45FF-805A-9530CD2AD6FE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References