Max CVSS 10.0 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-2170 7.5
Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
03-05-2021 - 20:45 12-04-2016 - 14:59
CVE-2015-3268 4.3
Cross-site scripting (XSS) vulnerability in the DisplayEntityField.getDescription method in ModelFormField.java in Apache OFBiz before 12.04.06 and 13.07.x before 13.07.03 allows remote attackers to inject arbitrary web script or HTML via the descrip
09-10-2018 - 19:56 12-04-2016 - 14:59
CVE-2014-0232 4.3
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecifie
09-10-2018 - 19:41 22-08-2014 - 14:55
CVE-2013-2137 4.3
Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to inject arbitra
18-05-2018 - 12:17 15-08-2013 - 16:55
CVE-2013-2250 10.0
Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) functions via JUEL metacharacters in unspecified parameters
18-05-2018 - 12:17 15-08-2013 - 16:55
CVE-2013-0177 3.5
Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x allow remote authenticated users to inject arbitrary w
18-05-2018 - 12:17 30-01-2014 - 15:06
CVE-2012-3506 10.0
Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
18-05-2018 - 12:04 25-10-2012 - 10:51
CVE-2012-1621 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.02 allow remote attackers to inject arbitrary web script or HTML via (1) a parameter array in freemarker templates, the (2) conte
18-05-2018 - 12:04 19-06-2014 - 14:55
Back to Top Mark selected
Back to Top