Page 2 of 16 results (0.039 seconds)

CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 0

Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors. Adobe RoboHelp Server 9 en versiones anteriores a 9.0.1 no maneja correctamente las consultas SQL, lo que permite a atacantes obtener información sensible a través de vectores no especificados. • http://www.securitytracker.com/id/1035557 https://helpx.adobe.com/security/products/robohelp-server/apsb16-12.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. MDBMS.dll en Adobe RoboHelp 10 permite a atacantes ejecutar código arbitrario o provcar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb13-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe RoboHelp v8 y v9 para Word, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una URL modificada, relacionado con ciertos archivos .htm en los directorios (1) template_stock y (2) template_csh • http://osvdb.org/79251 http://secunia.com/advisories/47936 http://www.adobe.com/support/security/bulletins/apsb12-04.html http://www.securityfocus.com/bid/52008 http://www.securitytracker.com/id?1026676 https://exchange.xforce.ibmcloud.com/vulnerabilities/73179 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js. Vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe RoboHelp 8 y 9 anterior a v9.0.1.262, y RoboHelp Server 8 and 9 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de URI, relacionado con template_stock/whutils.js Adobe RoboHelp version 9.0 suffers from a cross site scripting vulnerability. Versions 9.0.1.232 and below are affected. • http://securityreason.com/securityalert/8334 http://www.adobe.com/support/security/bulletins/apsb11-23.html http://www.us-cert.gov/cas/techalerts/TA11-222A.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 15%CPEs: 4EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to (1) wf_status.htm and (2) wf_topicfs.htm in RoboHTML/WildFireExt/TemplateStock/. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en RoboHelp v7 y v8, y RoboHelp Server v7 y v8, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetros no especificados, relacionados con (1)wf_status.htm y (2)wf_topicfs.htm en RoboHTML/WildFireExt/TemplateStock/. • http://www.adobe.com/support/security/bulletins/apsb11-09.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •