CVEDB API

Vulnerabilities

Vulnerable Software

Adobe: >> Robohelp Server >> 8 Security Vulnerabilities

CVE-2010-2885

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allows remote attackers to inject arbitrary web script or HTML via vectors related to WebHelp generation with RoboHelp for Word.

CVSS Score

4.3

EPSS Score

0.006

Published

2010-10-26

CVE-2010-2886

Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.007

Published

2010-10-26

CVE-2009-3068

Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote attackers to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the file in the robohelp/robo/reserved/web directory under its sessionid subdirectory, as demonstrated by the vd_adobe module in VulnDisco Pack Professional 8.7 through 8.11.

CVSS Score

9.3

EPSS Score

0.907

Published

2009-09-04

Page 2

Vulnerabilities

Vulnerable Software

Adobe: >> Robohelp Server >> 8 Security Vulnerabilities

Products

Pricing

Contact Us