- EPSS 4.16%
- Published 25.10.2012 10:51:28
- Last modified 11.04.2025 00:51:21
Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
CVE-2010-0432
- EPSS 44.46%
- Published 15.04.2010 17:30:00
- Last modified 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the product...
CVE-2006-6587
- EPSS 6.47%
- Published 15.12.2006 19:28:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
CVE-2006-6589
- EPSS 6.17%
- Published 15.12.2006 19:28:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different...
CVE-2006-6588
- EPSS 2.61%
- Published 15.12.2006 19:28:00
- Last modified 09.04.2025 00:30:58
The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types...