Shodan
Vulnerabilities
Vulnerable Software
Adobe:  >> Connect  >> 1.0.0.1  Security Vulnerabilities
CVE-2017-11290
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-12-09
CVE-2017-11291
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.
CVSS Score
10.0
EPSS Score
0.021
Published
2017-12-09
CVE-2017-3101
Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-07-17
CVE-2017-3102
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack.
CVSS Score
6.1
EPSS Score
0.006
Published
2017-07-17
CVE-2017-3103
Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack.
CVSS Score
6.1
EPSS Score
0.011
Published
2017-07-17
CVE-2016-7851
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.057
Published
2016-11-08
CVE-2016-4118
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.006
Published
2016-05-30
CVE-2016-0950
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.007
Published
2016-02-10
CVE-2016-0949
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.
CVSS Score
9.8
EPSS Score
0.024
Published
2016-02-10
CVE-2016-0948
Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2016-02-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved