Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

apache ofbiz 11.04.06 vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3

CVE-2016-6800

The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article...
Apache Ofbiz 11.04Apache Ofbiz 11.04.01Apache Ofbiz 11.04.02Apache Ofbiz 11.04.03Apache Ofbiz 11.04.04Apache Ofbiz 11.04.05Apache Ofbiz 11.04.06Apache Ofbiz 12.04Apache Ofbiz 12.04.01Apache Ofbiz 12.04.02Apache Ofbiz 12.04.03Apache Ofbiz 12.04.04
8.8
CVSSv3

CVE-2016-4462

By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to...
Apache Ofbiz 11.04Apache Ofbiz 11.04.01Apache Ofbiz 11.04.02Apache Ofbiz 11.04.03Apache Ofbiz 11.04.04Apache Ofbiz 11.04.05Apache Ofbiz 11.04.06Apache Ofbiz 12.04Apache Ofbiz 12.04.01Apache Ofbiz 12.04.02Apache Ofbiz 12.04.03Apache Ofbiz 12.04.04
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
springboot-adminCVE-2025-3989lecmsCVE-2025-3906code injectionCVE-2025-32432CVE-2025-2105CVE-2025-3984wirelessopplustype confusionCVE-2025-29306n150rt
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook