
7 matches found

Packet Storm
added 2024/06/18 12:0 a.m., 449 views

Apache OFBiz Forgot Password Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache OFBiz Forgot Password Directory Traversal', 'Description' = %q Apache OFBiz versions prior to 18.12.13 are vulnerable to a path traversal...

AI score: 7.1, EPSS: 0.93963
Exploits: 7
GithubExploit
added 2024/04/10 1:22 p.m., 67 views

Exploit for Path Traversal in Apache Ofbiz

Apache OfBiz vulns POC for CVE-2024-32113 The USERNAME...

CVSS: 9.8, AI score: 7.3, EPSS: 0.94375
Exploits: 15
NVD
added 2019/09/11 9:15 p.m., 16 views

CVE-2019-0189

The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is exposed by the "webtools/control/httpService" URL, and uses Java deserialization to perform code execution. In the HttpEngine, the value of the request parameter "serviceContext" is passed to the...

CVSS: 9.8, AI score: 9.7, EPSS: 0.15419
Exploits: 0, References: 13
Cvelist
added 2019/09/11 8:29 p.m., 20 views

CVE-2019-0189

The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is exposed by the "webtools/control/httpService" URL, and uses Java deserialization to perform code execution. In the HttpEngine, the value of the request parameter "serviceContext" is passed to the...

AI score: 9.7, EPSS: 0.15419
Exploits: 0, References: 13
Packet Storm
added 2018/10/24 12:0 a.m., 18 views

Apache OFBiz 16.11.04 XML Injection

Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Date: 2018-10-15 Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if lensys.argv = 1: print' Apache OFBiz 16.11.04 XXE' print' Use...

AI score: 0.2
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 27 views

Apache OFBiz - FULLADMIN Creator PoC Payload

No description provided by source. / Apache OFBiz FULLADMIN Creator PoC Payload. CVE: CVE-2010-0432 By: Lucas Apa lucas -at- bonsai-sec.com . Bonsai Information Security http://www.bonsai-sec.com/ / var username = 'bonsaiUser'; var password = 'bonsaiPass'; var nodes =...

CVSS: 4.3, AI score: 6.4, EPSS: 0.45865
Exploits: 15
Prion
added 2010/04/15 5:30 p.m., 11 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2)...

CVSS: 4.3, AI score: 6, EPSS: 0.45865
Exploits: 15, References: 10, Affected Software: 1