漏洞描述
Apache OFBiz是一个开源企业资源规划(ERP)系统。它提供了一套企业应用程序,集成并自动化企业的许多业务流程。 Apache OFBiz 存在远程代码执行漏洞,远程攻击者可通过控制请求从而写入恶意文件获取服务器权限。
Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195)
PoC代码
暂无相关漏洞推荐
- Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507)
- Apache OFBiz /partymgr/control/getJSONuiLabel 服务器端请求伪造漏洞(CVE-2023-50968)
- POC CVE-2018-8033: Apache OFBiz 16.11.04 - XML Entity Injection
- POC CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting
- POC CVE-2020-9496: Apache OFBiz 17.12.03 - Cross-Site Scripting
- POC CVE-2021-26295: Apache OFBiz <17.12.06 - Arbitrary Code Execution
- POC CVE-2021-29200: Apache OFBiz < 17.12.07 - Arbitrary Code Execution
- POC CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution
- POC CVE-2022-47501: Apache OFBiz < 18.12.07 - Local File Inclusion
- POC CVE-2023-49070: Apache OFBiz < 18.12.10 - Arbitrary Code Execution
- POC CVE-2023-50968: Apache OFBiz < 18.12.11 - Server Side Request Forgery
- POC CVE-2023-51467: Apache OFBiz < 18.12.11 - Remote Code Execution
- POC CVE-2024-32113: Apache OFBiz Directory Traversal - Remote Code Execution