Lucene search
+L

6 matches found

VulnCheck KEV
VulnCheck KEV
added 2024/12/05 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-45507

Server-Side Request Forgery SSRF, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue...

9.8CVSS5.8AI score0.93382EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/09/06 5:22 a.m.37 views

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning ERP system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability, tracked as CVE-2024-45195 CVSS score: 7.5,...

9.8CVSS9.4AI score0.99983EPSS
Exploits15
Circl
Circl
added 2024/09/04 11:53 a.m.47 views

CVE-2024-45507

creationtimestamp| type| source ---|---|--- 2024-09-04 11:53:32+00:00| seen| https://t.me/cvedetector/4778 2024-09-21 16:06:49+00:00| published-proof-of-concept| https://t.me/realLulzSec/18824 2024-09-21 16:06:49+00:00| published-proof-of-concept| https://t.me/realLulzSec/2041 2024-09-21...

9.8CVSS7.5AI score0.93382EPSS
In wildExploits0References9
Vulnrichment
Vulnrichment
added 2024/09/04 8:8 a.m.49 views

CVE-2024-45507 Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE

Server-Side Request Forgery SSRF, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue...

7.4AI score0.93382EPSS
Exploits0References4
OSV
OSV
added 2024/09/04 8:8 a.m.10 views

CVE-2024-45507 Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE

Server-Side Request Forgery SSRF, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue...

8.8CVSS7.3AI score0.93382EPSS
Exploits0References7
CVE
CVE
added 2024/09/04 8:8 a.m.133 views

CVE-2024-45507

CVE-2024-45507 affects Apache OFBiz versions before 18.12.16. The issue combines Server-Side Request Forgery (SSRF) and Code Injection due to missing view authorization, enabling unauthenticated remote code execution on affected servers. Mitigation: upgrade to OFBiz 18.12.16 or later. No explicit...

9.8CVSS9.7AI score0.93382EPSS
In wildExploits0References5Affected Software1
Rows per page
Query Builder