CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

02 Sep 2022 — Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious user could perform a stored XSS attack in order to inject a malicious payload and execute it using the stored XSS. • http://www.openwall.com/lists/oss-security/2022/09/02/8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

18 Aug 2021 — Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297. • https://lists.apache.org/thread.html/r164c91c47d638869c38e41b3ce501ecaa71f385939f098b2e04df049%40%3Cnotifications.ofbiz.apache.org%3E • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 10.0 • EPSS: 56% • CPEs: 1 • EXPL: 1

27 Apr 2021 — Apache OFBiz has unsafe deserialization prior to version 17.12.07. • https://github.com/LioTree/CVE-2021-30128-EXP • CWE-502: Deserialization of Untrusted Data

CVSS: 9.8 • EPSS: 91% • CPEs: 1 • EXPL: 1

27 Apr 2021 — Apache OFBiz has unsafe deserialization prior to version 17.12.07. An unauthenticated user can perform an RCE attack. • https://github.com/freeide/CVE-2021-29200 • CWE-502: Deserialization of Untrusted Data

CVSS: 9.8 • EPSS: 97% • CPEs: 1 • EXPL: 7

22 Mar 2021 — Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz. • https://packetstorm.news/files/id/162104 • CWE-502: Deserialization of Untrusted Data

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

15 Jul 2020 — IDOR vulnerability in the order processing feature of the ecommerce component of Apache OFBiz before 17.12.04. • https://lists.apache.org/thread.html/r0a0a701610b3bcdf14634047313adab3f1628bb9aa55cf29cd262ef5%40%3Ccommits.ofbiz.apache.org%3E • CWE-639: Authorization Bypass Through User-Controlled Key

CVSS: 6.1 • EPSS: 29% • CPEs: 1 • EXPL: 0

01 Apr 2020 — Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07. • https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc%40%3Ccommits.ofbiz.apache.org%3E • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

06 Feb 2020 — An unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06. • https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc%40%3Ccommits.ofbiz.apache.org%3E

CVSS: 7.5 • EPSS: 5% • CPEs: 1 • EXPL: 0

26 Nov 2019 — The /webtools/control/xmlrpc endpoint in the OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that disclose the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and to figure out from returned error messages whether a file exists or not. This affects OFBiz 16.11.01 to 16.11.04. • http://mail-archives.apache.org/mod_mbox/ofbiz-user/201810.mbox/%3Cfad45546-af86-0293-9ea7-014553474b30%40apache.org%3E • CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Sep 2019 — An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on such a field. This was the case for the Customer Request "story" input in the Order Manager application. Encoding should not be disabled without good reason and never within a field that accepts user input. Mitigation: Upgrade to 16.11.06 or manually apply the following commit on branch 16.11: r1858533 • https://lists.apache.org/thread.html/a02aaa4c19dfd520807cf6b106b71aad0131a6543f7f60802ae71ec2%40%3Cnotifications.ofbiz.apache.org%3E • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') • CWE-116: Improper Encoding or Escaping of Output