Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache ofbiz 11.04.02 vulnerabilities and exploits
(subscribe to this query)
530
VMScore
CVE-2014-0232
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 prior to 11.04.05 and 12.04.01 prior to 12.04.04 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, which are...
Apache Ofbiz 12.04.01
Apache Ofbiz 12.04.02
Apache Ofbiz 12.04.03
Apache Ofbiz 11.04.01
Apache Ofbiz 11.04.02
Apache Ofbiz 11.04.03
Apache Ofbiz 11.04.04
530
VMScore
CVE-2013-2137
Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 up to and including 10.04.05, 11.04.01 up to and including 11.04.02, and 12.04.01 allows remote malicious users to inje...
Apache Ofbiz 10.04.01
Apache Ofbiz 10.04.02
Apache Ofbiz 10.04.03
Apache Ofbiz 10.04.04
Apache Ofbiz 10.04.05
Apache Ofbiz 11.04.01
Apache Ofbiz 11.04.02
Apache Ofbiz 12.04.01
1000
VMScore
CVE-2013-2250
Apache Open For Business Project (aka OFBiz) 10.04.01 up to and including 10.04.05, 11.04.01 up to and including 11.04.02, and 12.04.01 allows remote malicious users to execute arbitrary Unified Expression Language (UEL) functions via JUEL metacharacters in unspecified parameters...
Apache Ofbiz 10.04.01
Apache Ofbiz 10.04.02
Apache Ofbiz 10.04.03
Apache Ofbiz 10.04.04
Apache Ofbiz 10.04.05
Apache Ofbiz 11.04.01
Apache Ofbiz 11.04.02
Apache Ofbiz 12.04.01
980
VMScore
CVE-2016-4462
By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to...
Apache Ofbiz 11.04
Apache Ofbiz 11.04.01
Apache Ofbiz 11.04.02
Apache Ofbiz 11.04.03
Apache Ofbiz 11.04.04
Apache Ofbiz 11.04.05
Apache Ofbiz 11.04.06
Apache Ofbiz 12.04
Apache Ofbiz 12.04.01
Apache Ofbiz 12.04.02
Apache Ofbiz 12.04.03
Apache Ofbiz 12.04.04
710
VMScore
CVE-2016-6800
The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article...
Apache Ofbiz 11.04
Apache Ofbiz 11.04.01
Apache Ofbiz 11.04.02
Apache Ofbiz 11.04.03
Apache Ofbiz 11.04.04
Apache Ofbiz 11.04.05
Apache Ofbiz 11.04.06
Apache Ofbiz 12.04
Apache Ofbiz 12.04.01
Apache Ofbiz 12.04.02
Apache Ofbiz 12.04.03
Apache Ofbiz 12.04.04
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
dos
cente tcp/ipv4
CVE-2025-26568
hard-coded
CVE-2025-25898
heart health ios mobile application
myscada
CVE-2025-24016
arbitrary
CVE-2023-34402
CVE-2024-37602
130.8005
CVE-2025-24200
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started