CVE-2006-6588
high
Apache CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
3.2%
Exploitation probability in 30 days
Top 13% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: December 15, 2006 (7089 days ago)
Last Modified: April 23, 2026
Vendor: Apache
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
CWE
NVD-CWE-OtherAffected Products
apache ofbiz