CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-2018-12804
https://notcve.org/view.php?id=CVE-2018-12804
20 Jul 2018 — Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking. Adobe Connect, en versiones 9.7.5 y anteriores, tiene una vulnerabilidad de omisión de autenticación. Su explotación con éxito podría resultar en un secuestro de sesión. • http://www.securityfocus.com/bid/104697 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4921
https://notcve.org/view.php?id=CVE-2018-4921
19 May 2018 — Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure. Adobe Connect, en versiones 9.7 y anteriores, tiene una vulnerabilidad explotable de subida de archivos SWF sin restricciones. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/103393 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.1EPSS: 16%CPEs: 1EXPL: 0CVE-2018-4923
https://notcve.org/view.php?id=CVE-2018-4923
19 May 2018 — Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion. Adobe Connect, en versiones 9.7 y anteriores, tiene una vulnerabilidad explotable de inyección de comandos del sistema operativo. Su explotación con éxito podría permitir la eliminación de archivos arbitrarios. • http://www.securityfocus.com/bid/103391 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 13%CPEs: 1EXPL: 0CVE-2018-4994
https://notcve.org/view.php?id=CVE-2018-4994
19 May 2018 — Adobe Connect versions 9.7.5 and earlier have an exploitable Authentication Bypass vulnerability. Successful exploitation could lead to sensitive information disclosure. Adobe Connect, en versiones 9.7.5 y anteriores, tiene una vulnerabilidad explotable de omisión de autenticación. Su explotación con éxito podría resultar en una divulgación de información sensible. • http://www.securityfocus.com/bid/104102 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11290
https://notcve.org/view.php?id=CVE-2017-11290
09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de secuestro de clicks (clickjacking o UI Redress). • http://www.securityfocus.com/bid/101838 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2017-11288
https://notcve.org/view.php?id=CVE-2017-11288
09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Cross-Site Scripting reflejado que podría desembocar en una divulgación de información. • http://www.securityfocus.com/bid/101838 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2017-11287
https://notcve.org/view.php?id=CVE-2017-11287
09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Cross-Site Scripting reflejado que podría desembocar en una divulgación de información. • http://www.securityfocus.com/bid/101838 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2017-11289
https://notcve.org/view.php?id=CVE-2017-11289
09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Cross-Site Scripting reflejado que podría desembocar en una divulgación de información. • http://www.securityfocus.com/bid/101838 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2017-11291
https://notcve.org/view.php?id=CVE-2017-11291
09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) que podría ser aprovechada para omitir los controles de acceso a la red. • http://www.securityfocus.com/bid/101838 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2017-3102
https://notcve.org/view.php?id=CVE-2017-3102
14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting reflejado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting reflejado. • http://www.securityfocus.com/bid/99517 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •