Lucene search
K

9 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.204 views

Adobe ColdFusion <=8.0 - Directory Traversal Vulnerability (CVE-2010-2861)

Adobe ColdFusion =8.0 http://server/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../ColdFusion8/lib/password.properties%00en server替换成目标网站即可 Update:2017-04-28 This blog was written by Scott White, Senior Principal Security Consultant, Web Application Team Lead – TrustedSec TL;D...

7.5CVSS9.5AI score0.99721EPSS
Exploits13
myhack58
myhack58
added 2014/04/21 12:0 a.m.71 views

COLDFUSION(CVE-2 0 1 0-2 8 6 1) the local contains a the use of method-vulnerability warning-the black bar safety net

Recently saw foreigner an article said that the CVE-2 0 1 0-2 8 6 1 This use of the method, only seen by reading the password. properties in the password field, to crack the SHA-1 value of the login background, or by passing a hash of the landing back, haven't seen can directly get the SHELL. In...

7.1AI score
Exploits0
Nmap
Nmap
added 2012/02/19 2:40 p.m.361 views

http-vuln-cve2010-2861 NSE Script

Executes a directory traversal attack against a ColdFusion server and tries to grab the password hash for the administrator user. It then uses the salt value hidden in the web page to create the SHA1 HMAC hash that the web server needs for authentication as admin. You can pass this value to the...

10CVSS9.8AI score0.99721EPSS
Exploits46
0day.today
0day.today
added 2011/03/17 12:0 a.m.67 views

Adobe ColdFusion - Directory Traversal

Exploit for windows platform in category remote exploits $Id: coldfusiontraversal.rb 11974 2011-03-16 01:38:16Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

7.1AI score0.99721EPSS
Exploits13
Packet Storm
Packet Storm
added 2011/03/16 12:0 a.m.150 views

Adobe ColdFusion - Directory Traversal

$Id: coldfusiontraversal.rb 11986 2011-03-16 10:15:54Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5CVSS0.99721EPSS
Exploits13
exploitpack
exploitpack
added 2010/08/14 12:0 a.m.98 views

Adobe ColdFusion - Directory Traversal

Adobe ColdFusion - Directory Traversal Working GET request courtesy of carnal0wnage: http://server/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../ColdFusion8/lib/password.properties%00en LLsecurity added another admin page filename: "/CFIDE/administrator/enter.cfm"...

7.5CVSS9.6AI score0.99721EPSS
Exploits13
Exploit DB
Exploit DB
added 2010/08/14 12:0 a.m.370 views

Adobe ColdFusion - Directory Traversal

Working GET request courtesy of carnal0wnage: http://server/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../ColdFusion8/lib/password.properties%00en LLsecurity added another admin page filename: "/CFIDE/administrator/enter.cfm" !/usr/bin/python CVE-2010-2861 - Adobe ColdFusion...

9.8CVSS9.6AI score0.99721EPSS
Exploits13
Circl
Circl
added 2010/08/14 12:0 a.m.37 views

CVE-2010-2861

creationtimestamp| type| source ---|---|--- 2010-08-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/14641 2011-03-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16985 2018-05-29 15:50:33+00:00| seen|...

9.8CVSS7.4AI score0.99721EPSS
Exploits13References11
canvas
canvas
added 2010/08/11 6:47 p.m.168 views

Immunity Canvas: CF_DIRECTORY_TRAVERSAL

Name| CFdirectorytraversal ---|--- CVE| CVE-2010-2861 Exploit Pack| CANVAS Description| ColdFusion Directory Traversal Notes| CVE Name: CVE-2010-2861 VENDOR: http://www.adobe.com Things to consider: 1 - A remote file i-test10-1.cfm will be left in the webroot as well as the CANVAS callback trojan...

7.5CVSS9.8AI score0.99721EPSS
Exploits13
Rows per page
Query Builder