CVE-2008-2991
https://notcve.org/view.php?id=CVE-2008-2991
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Adobe RoboHelp Server 6 y 7 permite a atacantes remotos inyectar web script o HTML de su elección a través de vectores relacionados con el log Help Errors. • http://secunia.com/advisories/31001 http://securitytracker.com/id?1020442 http://www.adobe.com/support/security/bulletins/apsb08-16.html http://www.securityfocus.com/bid/30137 http://www.vupen.com/english/advisories/2008/2026/references • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-1280 – Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1280
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6. Una vulnerabilidad de tipo cross-site-scripting (XSS) en Adobe RoboHelp versiones X5, 6 y Server versión 6 permite a los atacantes remotos inyectar scripts web o HTML arbitrarios por medio de una dirección URL después de un valor de dirección URL en la ruta de url, como se ha demostrado utilizando en/frameset-7.html, y posiblemente otros vectores no especificados con plantillas y (1) whstart.js y (2) whcsh_home.htm en WebHelp, (3) wf_startpage.js y (4) wf_startqs.htm en FlashHelp o (5) la biblioteca WindowManager.dll en RoboHelp Server versión 6. • https://www.exploit-db.com/exploits/30016 http://osvdb.org/35867 http://secunia.com/advisories/25211 http://www.adobe.com/support/security/bulletins/apsb07-10.html http://www.devtarget.org/adobe-advisory-05-2007.txt http://www.securityfocus.com/archive/1/468360/100/0/threaded http://www.securityfocus.com/bid/23878 http://www.securitytracker.com/id?1018020 http://www.vupen.com/english/advisories/2007/1714 https://exchange.xforce.ibmcloud.com/vulnerabilities/34181 •