Posted by LSE-Advisories on May 03

=== LSE Leading Security Experts GmbH – Security Advisory 2016-02-03 ===

OXID eShop Path Traversal Vulnerability
————————————————————————

Affected Versions
=================
Community Edition 4.9.7

Issue Overview
==============
Vulnerability Type: path traversal, privilege escalation
Version: Tested in Community Edition 4.9.7
Technical Risk: high
Likelihood of Exploitation: medium
Vendor: OXID…