Versions
Apache OFBizApache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE
Apache OFBizApache OFBiz: Confused controller-view authorization logic (forced browsing)
Apache OFBizApache OFBiz Incorrect Authorization Vulnerability
Apache OFBizApache OFBiz Path Traversal Vulnerability
Apache OFBizApache OFBiz: Path traversal or file inclusion
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BleepingComputerApache OFBiz RCE flaw exploited to find vulnerable Confluence servers
Apache OFBizApache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability
Apache OFBizApache OFBiz: Arbitrary file properties reading and SSRF attack
Apache OFBizPre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present
Apache OFBizApache OFBiz: Execution of Solr plugin queries without authentication
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizApache OFBiz: Arbitrary file reading vulnerability
Apache OFBizRegular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz
Apache OFBizJava Deserialization via RMI Connection from the Solr plugin of Apache OFBiz
Apache OFBizServer-Side Template Injection affecting the ecommerce plugin of Apache OFBiz
Apache OFBizUnauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizUnauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz
Apache OFBizGeneration of Error Message Containing Sensitive Information in Apache OFBiz
Apache OFBizArbitrary file upload vulnerability in OFBiz
Apache OFBizUnsafe deserialization in Apache OFBiz
Apache OFBizRCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizRCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
Apache OFBizIDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 1…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizan unauthenticated user could get access to information of some backend screens by invoking setSessi…
Apache OFBizAn RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizThe java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is expose…
Apache OFBizThe Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for …
Apache OFBizApache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecifi…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizUnspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.0…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.