CVE-2015-0345 PoC — Adobe ColdFusion 跨站脚本漏洞

Source

https://github.com/BishopFox/coldfusion-10-11-xss

Associated Vulnerability

Title:Adobe ColdFusion 跨站脚本漏洞 (CVE-2015-0345)
Description:Adobe ColdFusion是美国奥多比（Adobe）公司的一款动态Web服务器产品，其运行的CFML（ColdFusion Markup Language）是针对Web应用的一种程序设计语言。 Adobe ColdFusion 10.0 update_15及之前版本和11.0 update_4及之前的版本中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意Web脚本或HTML。

Description

Proof of Concept code for CVE-2015-0345 (APSB15-07)

File Snapshot


 [4.0K]  /data/pocs/718664b8f8dc4b00ecfd81a171316c99ca316d78
├── [4.1K]  coldfusion_payload_1.js
├── [ 705]  coldfusion_payload_1.min.js
├── [8.4K]  coldfusion_payload_2.js
├── [3.0K]  coldfusion_payload_2.min.js
└── [8.7K]  readme.md

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!