cbcvebase.
CVE-2024-56526
published 2025-05-13

CVE-2024-56526: An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error.

PriorityP421medium4.9CVSS 3.1
AVNACLPRHUINSUCHINAN
EPSS
0.30%
21.8th percentile
An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error.

Affected

2 ranges
VendorProductVersion rangeFixed in
oxid-esaleseshop<= 7.0.5
oxid-esalesoxideshop-ce0 – 7.0.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.