CVE-2018-15961

Published: 25/09/2018 Updated: 04/09/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 892
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.

Vulnerable Product

adobe coldfusion 11.0

adobe coldfusion 2016

adobe coldfusion 2018

Exploits

Adobe ColdFusion 2018 suffers from a remote shell upload vulnerability ...

Github Repositories

Web-Coldfusion-Vulnerability-POC PT-BR PAPER. In this paper I will show how to exploit CVE-2018-15961 and CVE-2017-3066. ColdFusion web server endpoints: cfc, cfm, cfml and others. First CVE: CVE-2018-15961. Entrypoint: /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm. Reference exploit: github.com/xbufu/CVE-2018-159

CVE-2018-15961 — ᴀᴅᴏʙᴇ ᴄᴏʟᴅғᴜsɪᴏɴ (ʀᴄᴇ)

CVE-2018-15961 - Adobe ColdFusion RCE. This repository contains my exploit code for the RCE vulnerability in Adobe ColdFusion 2021. Exploit Description: The exploit sends a POST request containing a JSP reverse shell to /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm. If successful, this uploads the shell to /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/

Exploit for CVE-2018-15961, an unrestricted file upload vulnerability in Adobe ColdFusion 2018 leading to RCE

CVE-2018-15961 - Adobe ColdFusion 2018 RCE. This repository contains my exploit code for the RCE vulnerability in Adobe ColdFusion 2018. Exploit Description: The exploit sends a POST request containing a JSP reverse shell to /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm. If successful, this uploads the shell to /cf_scripts/scripts/ajax/ckeditor/plugins/fileman

Unrestricted file upload in Adobe ColdFusion

CVE-2018-15961 Unrestricted file upload in Adobe ColdFusion

POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1
Host: coldfusion:port
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36
Content-Type: multipart/form-data; boundary=---------------------------24464570528145
Content-Leng

cve-2018-15961

CVE-2018-15961. This is part of Cved: a tool to manage vulnerable docker containers. Cved: github.com/git-rep-src/cved. Image source: github.com/cved-sources/cve-2018-15961. Image author: bintray.com/eaps/coldfusion/cf%3Acoldfusion/201800