CVE-2006-6588

The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-15 19:28

Updated : 2024-02-28 11:01


NVD link : CVE-2006-6588

Mitre link : CVE-2006-6588

CVE.ORG link : CVE-2006-6588


JSON object : View

Products Affected

apache

  • ofbiz