4 matches found
Apache OFBiz 17.12.03 Cross Site Request Forgery Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery Account Takeover Exploit Author: Faiz Ahmed Zaidi Vendor Homepage: https://ofbiz.apache.org/security.html Software Link: https://ofbiz.apache.org/download.htmlsecurity...
Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)
Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery Account Takeover Exploit Author: Faiz Ahmed Zaidi Vendor Homepage: https://ofbiz.apache.org/security.html Software Link: https://ofbiz.apache.org/download.htmlsecurity Version: Before 17.12.03 Tested on: Linux and Windows CVE :...
Apache OFBiz 17.12.03 Cross Site Request Forgery
Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery Account Takeover Exploit Author: Faiz Ahmed Zaidi Vendor Homepage: https://ofbiz.apache.org/security.html Software Link: https://ofbiz.apache.org/download.htmlsecurity Version: Before 17.12.03 Tested on: Linux and Windows CVE :...
CVE-2019-0235
CVE-2019-0235 affects Apache OFBiz. Connected sources detail a Cross-Site Request Forgery vulnerability in OFBiz 17.12.01 (and related 17.12.x releases) where forged requests can perform unauthorized actions (e.g., via endpoints like updateEmailAddress). The core issue is CSRF protection weakness...