漏洞描述
弱口令漏洞指的是系统中使用了简单、容易猜测或常见的密码,导致攻击者可以通过猜测或暴力破解的方式轻易获取账户权限,进而访问或控制受影响的系统资源。这种漏洞通常由于缺乏有效的密码策略或用户对安全意识的忽视造成。
Apache OFBiz 弱口令漏洞
PoC代码
暂无相关漏洞推荐
- Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507)
- Apache OFBiz /partymgr/control/getJSONuiLabel 服务器端请求伪造漏洞(CVE-2023-50968)
- POC CVE-2018-8033: Apache OFBiz 16.11.04 - XML Entity Injection
- POC CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting
- POC CVE-2020-9496: Apache OFBiz 17.12.03 - Cross-Site Scripting
- POC CVE-2021-26295: Apache OFBiz <17.12.06 - Arbitrary Code Execution
- POC CVE-2021-29200: Apache OFBiz < 17.12.07 - Arbitrary Code Execution
- POC CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution
- POC CVE-2022-47501: Apache OFBiz < 18.12.07 - Local File Inclusion
- POC CVE-2023-49070: Apache OFBiz < 18.12.10 - Arbitrary Code Execution
- POC CVE-2023-50968: Apache OFBiz < 18.12.11 - Server Side Request Forgery
- POC CVE-2023-51467: Apache OFBiz < 18.12.11 - Remote Code Execution
- POC CVE-2024-32113: Apache OFBiz Directory Traversal - Remote Code Execution