Adobe Document Server 6.0 Extensions ads-readerext actionID Parameter XSS

2006-04-13T00:00:00
ID EDB-ID:27636
Type exploitdb
Reporter Tan Chew Keong
Modified 2006-04-13T00:00:00

Description

Adobe Document Server 6.0 Extensions ads-readerext actionID Parameter XSS. CVE-2006-1786. Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/17500/info

Adobe Document Server for Reader Extensions, included with Graphics Server and Document Server, is prone to multiple vulnerabilities that may allow remote attackers to:

- perform cross-site scripting attacks
- gain access to potentially sensitive information
- bypass security restrictions to gain administrative access to the application.

Adobe Document Server for Reader Extensions version 6.0, included with Adobe Graphics Server 2.1 and Adobe Document Server 6.0, is vulnerable; other versions may also be affected.

http://www.example.com:8019/ads-readerext/ads-readerext?actionID=[code]