all InfoSec news
A Vulnerability in Apache OFBiz Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability has been discovered in the Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. Successful exploitation could allow for remote code execution in the context of the Server. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or …
apache apache ofbiz applications automation business business applications code code execution commerce components crm e-commerce enterprise erp exploitation framework management manufacturing ofbiz open source planning processes product remote code remote code execution resource supply supply chain supply chain management vulnerability