Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ZDI-CAN-21308: Adobe RoboHelp Server getRHSGroupsForRoles SQL Injection Information Disclosure Vulnerability
Vulnerability Description
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Adobe RoboHelp 安全漏洞
Vulnerability Description
Adobe RoboHelp是美国奥多比(Adobe)公司的针对Windows开发和发布的帮助创作工具。 Adobe RoboHelp Server 11.4 版本及之前版本存在安全漏洞,该漏洞源于存在 SQL 注入漏洞,该漏洞可能导致低权限的经过身份验证的攻击者泄露信息。
CVSS Information
N/A
Vulnerability Type
N/A