Описание
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-15961
- https://helpx.adobe.com/security/products/coldfusion/apsb18-33.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-15961
- https://www.exploit-db.com/exploits/45979
- http://www.securityfocus.com/bid/105314
- http://www.securitytracker.com/id/1041621
Связанные уязвимости
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Уязвимость интерпретатора ColdFusion, связанная с отсутствием ограничений на загрузку файлов, позволяющая нарушителю выполнить произвольный код