Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/11 12:32 a.m.12 views

EUVD-2026-36169

A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges This issue affects Apache OFBiz: before 24.09.07. Users are recommended to upgrade to version 24.09.07, which fixes the issue...

5.4AI score0.00407EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 10:23 p.m.9 views

CVE-2026-50223 Apache OFBiz: DataResource Low-Privileged Authenticated FreeMarker Template Injection Leads to Remote Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote Code Execution. This issue affects Apache OFBiz: before...

5.5AI score0.00657EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 10:23 p.m.32 views

CVE-2026-50223 Apache OFBiz: DataResource Low-Privileged Authenticated FreeMarker Template Injection Leads to Remote Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote Code Execution. This issue affects Apache OFBiz: before...

0.00657EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.18 views

PT-2026-48576

Name of the Vulnerable Software and Affected Versions Apache OFBiz versions prior to 24.09.07 Description Improper Control of Generation of Code allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks. This can lead to Remote...

6AI score0.00657EPSS
Exploits0References4
Rows per page
Query Builder