Lucene search
+L

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:59 a.m.5 views

CVE-2023-51467

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code...

9.8CVSS8.1AI score0.96001EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/01/13 5:40 a.m.213 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

BadBizness Automatic exploitation scrip...

9.8CVSS9.6AI score0.96001EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/01/13 5:40 a.m.250 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

BadBizness Automatic exploitation scrip...

9.8CVSS9.6AI score0.96001EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/01/09 4:58 p.m.444 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

Go-Exploit for CVE-2023-51467 This repository contains a go-e...

9.8CVSS9.8AI score0.96001EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/01/08 3:13 a.m.150 views

Exploit for Code Injection in Apache Ofbiz

Exploit CVE-2023-49070 and CVE-2023-51467 Apache OFBiz 18.12...

9.8CVSS9.8AI score0.96001EPSS
Exploits16
hivepro
hivepro
added 2024/01/03 9:22 a.m.68 views

Zero-Day Authentication Bypass Exploit in Apache OFBiz

Summary: CVE-2023-51467 is a critical authentication bypass vulnerability in Apache OFBiz. Exploitation of this vulnerability could result in bypass authentication to achieve a simple Server-Side Request Forgery SSRF or arbitrary code execution. Users are advised to update to Apache OFBiz version...

7.5CVSS8AI score0.96001EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/01/02 2:20 p.m.190 views

Exploit for Code Injection in Apache Ofbiz

Apache OFBiz Authentication Bypass Vulnerability CVE-2023-514...

9.8CVSS10AI score0.96001EPSS
Exploits16
VulnCheck KEV
VulnCheck KEV
added 2024/01/02 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-51467

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code...

9.8CVSS7.7AI score0.96001EPSS
Exploits12References1
Imperva Blog
Imperva Blog
added 2023/12/29 7:48 p.m.36 views

Imperva defends customers against recent vulnerabilities in Apache OFBiz

On December 26, researchers from SonicWall Capture Labs discovered an authentication bypass vulnerability in Apache OFBiz, tracked as CVE-2023-51467. This bug has a CVSS score of 9.8 and allows attackers to achieve server-side request forgery SSRF by bypassing the program’s authentication. This...

7.5CVSS8.6AI score0.96001EPSS
Exploits16
GithubExploit
GithubExploit
added 2023/12/29 5:47 p.m.470 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

CVE-2023-51467 - Apache OFBiz Authentication Bypass This flaw...

9.8CVSS9.9AI score0.96001EPSS
Exploits12
GithubExploit
GithubExploit
added 2023/12/29 3:1 p.m.179 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

CVE-2023-51467 Scanner 🕵️‍♂️ Description 📜 CVE-2023-51467...

9.8CVSS10AI score0.96001EPSS
Exploits16
GithubExploit
GithubExploit
added 2023/12/29 2:25 a.m.586 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

CVE-2023-51467 exp.py changed to command execution P...

9.8CVSS7.7AI score0.96001EPSS
Exploits12
The Hacker News
The Hacker News
added 2023/12/27 3:39 p.m.66 views

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack

A new zero-day security flaw has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning ERP system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplet...

9.8CVSS10AI score0.96001EPSS
Exploits16
CVE
CVE
added 2023/12/26 2:46 p.m.314 views

CVE-2023-51467

CVE-2023-51467 is a documented authentication bypass vulnerability in Apache OFBiz that can enable remote code execution. Multiple connected sources describe pre-authentication bypass paths and post-bypass impact, including potential SSRF or arbitrary code execution. Affected version notes appear...

9.8CVSS9.9AI score0.96001EPSS
In wildExploits12References8Affected Software1
Metasploit
Metasploit
added 2021/03/12 5:41 p.m.81 views

Apache OFBiz XML-RPC Java Deserialization

This module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.01 using the ROME gadget chain. Versions up to 18.12.11 are exploitable utilizing an auth bypass CVE-2023-51467 and use the...

9.8CVSS8.2AI score0.98926EPSS
Exploits31
Circl
Circl
added 2021/03/11 6:53 p.m.7 views

CVE-2023-51467

creationtimestamp| type| source ---|---|--- 2021-03-11 18:53:17+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apacheofbizdeserialization.rb 2023-12-26 16:27:07+00:00| seen| https://t.me/ctinow/159364 2023-12-27 16:45:34+00:00| seen|...

9.8CVSS7.1AI score0.96001EPSS
In wildExploits12References35
Rows per page
Query Builder