Lucene search
K

14 matches found

redhatcve
redhatcve
added 2026/01/09 12:37 p.m.13 views

CVE-2023-49070

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10...

9.8CVSS6.8AI score0.95442EPSS
Exploits11References1
githubexploit
githubexploit
added 2024/01/08 3:13 a.m.148 views

Exploit for Code Injection in Apache Ofbiz

Exploit CVE-2023-49070 and CVE-2023-51467 Apache OFBiz 18.12...

9.8CVSS9.8AI score0.96001EPSS
Exploits16
githubexploit
githubexploit
added 2024/01/02 2:20 p.m.189 views

Exploit for Code Injection in Apache Ofbiz

Apache OFBiz Authentication Bypass Vulnerability CVE-2023-514...

9.8CVSS10AI score0.96001EPSS
Exploits16
impervablog
impervablog
added 2023/12/29 7:48 p.m.35 views

Imperva defends customers against recent vulnerabilities in Apache OFBiz

On December 26, researchers from SonicWall Capture Labs discovered an authentication bypass vulnerability in Apache OFBiz, tracked as CVE-2023-51467. This bug has a CVSS score of 9.8 and allows attackers to achieve server-side request forgery SSRF by bypassing the program’s authentication. This...

7.5CVSS8.6AI score0.96001EPSS
Exploits16
zdt
zdt
added 2023/12/29 12:0 a.m.442 views

Apache OFBiz 18.12.09 Remote Code Execution Exploit

Apache OFBiz version 18.12.09 suffers from a pre-authentication remote code execution vulnerability. From: Jacques Le Roux Date: Mon, 04 Dec 2023 21:04:50 +0000 Severity: moderate Affected versions: - Apache OFBiz before 18.12.10 Description: Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to...

9.8CVSS10AI score0.95442EPSS
Exploits11
packetstorm
packetstorm
added 2023/12/29 12:0 a.m.474 views

Apache OFBiz 18.12.09 Remote Code Execution

From: Jacques Le Roux Date: Mon, 04 Dec 2023 21:04:50 +0000 Severity: moderate Affected versions: - Apache OFBiz before 18.12.10 Description: Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are...

9.8CVSS7.2AI score0.95442EPSS
Exploits11
thn
thn
added 2023/12/27 3:39 p.m.66 views

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack

A new zero-day security flaw has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning ERP system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplet...

9.8CVSS10AI score0.96001EPSS
Exploits16
githubexploit
githubexploit
added 2023/12/17 10:56 p.m.616 views

Exploit for Code Injection in Apache Ofbiz

CVE-2023-49070 Pre-auth RCE in Apache Ofbiz!!...

9.8CVSS9.7AI score0.95442EPSS
Exploits11
githubexploit
githubexploit
added 2023/12/14 9:32 a.m.668 views

Exploit for Code Injection in Apache Ofbiz

ofbiz-CVE-2023-49070-RCE-POC This is a pre-auth RCE POC For C...

9.8CVSS9.5AI score0.95442EPSS
Exploits11
nvd
nvd
added 2023/12/05 8:15 a.m.28 views

CVE-2023-49070

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10...

9.8CVSS0.95442EPSS
Exploits11References7
cvelist
cvelist
added 2023/12/05 8:5 a.m.29 views

CVE-2023-49070 Pre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10...

9.7AI score0.95442EPSS
Exploits11References6
cve
cve
added 2023/12/05 8:5 a.m.232 views

CVE-2023-49070

CVE-2023-49070 is a pre-auth RCE in Apache OFBiz up to version 18.12.09, caused by an unused XML-RPC component that remains present. Affected product: Apache OFBiz before 18.12.10 (and related CVE-2023-51467 authentication-bypass vector). The severity is high (CVSS v3.1 base score 9.8) with netwo...

9.8CVSS9.5AI score0.95442EPSS
In wildExploits11References7Affected Software1
attackerkb
attackerkb
added 2023/12/05 12:0 a.m.104 views

CVE-2023-49070

Pre-auth RCE in Apache Ofbiz 18.12.09. It’s due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10 Recent assessments: cbeek-r7 at January 03, 2024 8:34am UTC reported: CVE-2023-49070 is a critical...

9.8CVSS9.8AI score0.96001EPSS
In wildExploits16References8
circl
circl
added 2021/03/11 6:53 p.m.8 views

CVE-2023-49070

creationtimestamp| type| source ---|---|--- 2021-03-11 18:53:17+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apacheofbizdeserialization.rb 2023-12-08 14:28:36+00:00| seen| Telegram/IuHaczD9X9yiXtYJrXIfE8UGwYIIen3ztK7ZS7N3IpycMQ 2023-12-14...

9.8CVSS7.1AI score0.95442EPSS
In wildExploits11References30
Rows per page
Query Builder