Lucene search
K

4 matches found

0day.today
0day.today
added 2020/05/02 12:0 a.m.54 views

Apache OFBiz 17.12.03 Cross Site Request Forgery Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery Account Takeover Exploit Author: Faiz Ahmed Zaidi Vendor Homepage: https://ofbiz.apache.org/security.html Software Link: https://ofbiz.apache.org/download.htmlsecurity...

6.8CVSS8.7AI score0.32747EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.571 views

Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)

Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery Account Takeover Exploit Author: Faiz Ahmed Zaidi Vendor Homepage: https://ofbiz.apache.org/security.html Software Link: https://ofbiz.apache.org/download.htmlsecurity Version: Before 17.12.03 Tested on: Linux and Windows CVE :...

8.8CVSS8.7AI score0.32747EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/05/01 12:0 a.m.101 views

Apache OFBiz 17.12.03 Cross Site Request Forgery

Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery Account Takeover Exploit Author: Faiz Ahmed Zaidi Vendor Homepage: https://ofbiz.apache.org/security.html Software Link: https://ofbiz.apache.org/download.htmlsecurity Version: Before 17.12.03 Tested on: Linux and Windows CVE :...

6.8CVSS0.6AI score0.32747EPSS
Exploits4
CVE
CVE
added 2020/04/30 7:22 p.m.85 views

CVE-2019-0235

CVE-2019-0235 affects Apache OFBiz. Connected sources detail a Cross-Site Request Forgery vulnerability in OFBiz 17.12.01 (and related 17.12.x releases) where forged requests can perform unauthorized actions (e.g., via endpoints like updateEmailAddress). The core issue is CSRF protection weakness...

8.8CVSS8.6AI score0.32747EPSS
Exploits4References9Affected Software1
Rows per page
Query Builder