IDCVSSSummaryLast (major) updatePublished
CVE-2006-6587 6.8
Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
17-07-2019 - 17:46 15-12-2006 - 19:28
CVE-2006-6589 6.8
Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different
17-07-2019 - 17:46 15-12-2006 - 19:28
CVE-2006-6588 7.5
The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types
17-07-2019 - 17:46 15-12-2006 - 19:28
CVE-2010-0432 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the product
30-07-2018 - 12:31 15-04-2010 - 17:30
CVE-2020-13923 5.0
IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04
22-07-2020 - 13:22 15-07-2020 - 16:15
Back to Top Mark selected
Back to Top