Adobe RoboHelp Server 8 - Authentication Bypass

source: https://www.securityfocus.com/bid/36245/info Adobe RoboHelp Server is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to upload and execute arbitrary code with SYSTEM-level privileges. RoboHelp Server 8.0 is affected; other versions may also be...

Update Protection against Adobe RoboHelp Server SQL Injection Vulnerability

Adobe RoboHelp Server is vulnerable to a SQL injection attack. A remote attacker can trigger this vulnerability by sending a specially crafted URL to a vulnerable installation of RoboHelp Server. An attacker would need to have access to the RoboHelp Help Errors log, or convince someone with acces...

Adobe RoboHelp和RoboHelp Server多个跨站脚本漏洞

BUGTRAQ ID: 33887,33888 CVECAN ID: CVE-2009-0523,CVE-2009-0524 Adobe RoboHelp软件是一个专业创作工具, 可用于开发帮助系统、电子教学内容、知识库以及方案和步骤。 RoboHelp和RoboHelp Server的templatestock/whutils.js、ReportTemplate.asp、redirect.asp和 SQLLib.asp文件中存在多个输入验证错误。如果远程攻击者提交了恶意的URL的话，就可能导致跨站脚本攻击，在用户浏览器会话中执行任意代码。 Adobe RoboHelp Server 7...

CVE-2009-0523

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

CVE-2009-0524

Cross-site scripting XSS vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, allows remote attackers to inject arbitrary web script or HTML via vectors involving files produced by RoboHelp...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, allows remote attackers to inject arbitrary web script or HTML via vectors involving files produced by RoboHelp...

CVE-2009-0523

Adobe RoboHelp Server 6/7 are affected by multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script via crafted URLs displayed in the Help Errors log. The issues stem from input validation errors in template_stock/whutils.js, Report_Template.asp, r...

CVE-2009-0524

CVE-2009-0524 affects Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7. The connected sources describe multiple input validation errors in template_stock/whutils.js, Report_Template.asp, redirect.asp, and SQL_Lib.asp that enable cross-site scripting via URLs crafted from RoboHelp-produced file...

CVE-2009-0523

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

CVE-2009-0524

Cross-site scripting XSS vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, allows remote attackers to inject arbitrary web script or HTML via vectors involving files produced by RoboHelp...

RoboHelp Server Multiple XSS (APSB09-02 Update 2)

Adobe RoboHelp Server version 6 or 7 is installed on the remote host, and it is missing updates included with Adobe security advisory 'APSB09-02 Update 2' involving the files 'redirect.asp', 'ReportTemplate.asp' and 'SQLLib.asp'. Provided an attacker has access to 'RoboHelp Help Errors log' or is...

RoboHelp Server Help Errors Multiple Vulnerabilities (APSB08-16)

The installation of Adobe RoboHelp Server on the remote host is version 7.00 or older and does not contain the APSB08-16 update file. As a result, it is probably affected by a SQL injection and a cross-site scripting vulnerability. The SQL injection issue reportedly can be exploited to manipulate...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log...

CVE-2008-2991

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log...

CVE-2008-2991

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log...

CVE-2008-2991

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log...

CVE-2008-2991

CVE-2008-2991 is an XSS vulnerability in Adobe RoboHelp Server 6 and 7 that allows remote attackers to inject arbitrary web script or HTML via the Help Errors log. Affected software: RoboHelp Server 6 and 7. Root cause: input handling in the Help Errors log leads to script execution. Impact: arbi...

PT-2008-4425 · Adobe · Robohelp Server

Name of the Vulnerable Software and Affected Versions: Adobe RoboHelp Server versions 6 and 7 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log. This could potentially lead to unauthorized action...

Cross site scripting

Cross-site scripting XSS vulnerability in files created by Adobe RoboHelp 6 and 7, possibly involving use of a 1 WebHelp5 WebHelp5Ext or 2 WildFire WildFireExt extension, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...