CVSS: 9.8EPSS: 90%CPEs: 1EXPL: 2CVE-2009-3068 – Adobe RoboHelp Server Arbitrary File Upload and Execute Vulnerability
https://notcve.org/view.php?id=CVE-2009-3068
04 Sep 2009 — Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote attackers to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the file in the robohelp/robo/reserved/web directory under its sessionid subdirectory, as demonstrated by the vd_adobe module in VulnDisco Pack Professional 8.7 through 8.11. Una vulnerabilidad de carga de archivos sin restricciones en el Se... • https://www.exploit-db.com/exploits/33209 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2009-0523
https://notcve.org/view.php?id=CVE-2009-0523
26 Feb 2009 — Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados - XSS - en Adobe RoboHelp Server 6 y 7 que permite a los atacantes remoto inyectar arbitrariamente una secuencia de comandos web o HTML a través de URL manipuladas, lo que es manejado apropiadamente cuando se muestra... • http://secunia.com/advisories/34048 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2009-0524
https://notcve.org/view.php?id=CVE-2009-0524
26 Feb 2009 — Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, allows remote attackers to inject arbitrary web script or HTML via vectors involving files produced by RoboHelp. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en Adobe RoboHelp v6 y v7, y RoboHelp Server v6 y v7, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores que implican ficheros creados con robohelp. • http://secunia.com/advisories/34032 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 2EXPL: 3CVE-2008-2991
https://notcve.org/view.php?id=CVE-2008-2991
09 Jul 2008 — Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Adobe RoboHelp Server 6 y 7 permite a atacantes remotos inyectar web script o HTML de su elección a través de vectores relacionados con el log Help Errors. • http://secunia.com/advisories/31001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 2%CPEs: 2EXPL: 0CVE-2008-0642
https://notcve.org/view.php?id=CVE-2008-0642
15 Feb 2008 — Cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, possibly involving use of a (1) WebHelp5 (WebHelp5Ext) or (2) WildFire (WildFireExt) extension, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-1280. Vulnerabilidad de secuencias de comandos en sitios cruzados en archivos creados por Adobe RoboHelp 6 and 7, y posiblemente las extensiones (1) WebHelp5 (WebHelp5Ext) o (2) WildFire (WildFireExt), p... • http://secunia.com/advisories/28945 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 9%CPEs: 4EXPL: 1CVE-2007-1280 – Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1280
09 May 2007 — Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6. Una vulnerabilidad de tipo cross-site-scripting (XSS) en Adobe Robo... • https://www.exploit-db.com/exploits/30016 •