5 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-3600
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable...
VulnCheck KEV: CVE-2011-3600
The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that disclose the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and...
CVE-2011-3600
| creationtimestamp | type | source |
|---|---|---|
| 2019-11-26 08:57:30+00:00 | seen | https://t.me/cibsecurity/8324 |
| 2024-10-25 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2024-10-25 |
| 2024-10-26 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2024-10-26... |
CVE-2011-3600
The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that disclose the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and figur...
CVE-2011-3600
CVE-2011-3600 affects Apache OFBiz: the /webtools/control/xmlrpc endpoint in the OFBiz XML-RPC handler is vulnerable to External Entity Injection through DOCTYPE declarations, enabling disclosure of filesystem contents and allowing port probe and existence checks via error messages. Affected vers...