2 matches found
CVE-2024-45195
Direct Request ‘Forced Browsing’ vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue. Recent assessments: remmons-r7 at September 25, 2024 3:32pm UTC reported: Apache OFBiz is an open-source...
PT-2023-7705 · Apache · Apache Ofbiz
Name of the Vulnerable Software and Affected Versions: Apache OFBiz versions prior to 18.12.10 Description: The issue is related to a pre-authentication remote code execution vulnerability in Apache OFBiz due to the presence of unmaintained XML-RPC. This vulnerability allows an attacker to execut...