English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Apache Software Foundation OFBiz 18.12.12

CPE Details

Apache Software Foundation OFBiz 18.12.12
apache
ofbiz
18.12.12
2024-04-15 09:50 +00:00
2024-04-15 09:50 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:apache:ofbiz:18.12.12:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

ofbiz

Version

18.12.12

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2006-6588 2022-10-03 14:21 +00:00 The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
7.5
CVE-2006-6587 2006-12-15 18:00 +00:00 Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
6.8
CVE-2006-6589 2006-12-15 18:00 +00:00 Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. NOTE: some of these details are obtained from third party information.
6.8

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.