漏洞描述
Adobe ColdFusion存在远程代码执行漏洞,此漏洞是对外部输入的参数值校验不足导致的。
Adobe ColdFusion manager.cfc远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC aem-anonymous-write: Adobe Experience Manager (AEM) - Anonymous JCR Node Creation
- 万户OA /defaultroot/modules/govoffice/gov_documentmanager/govdocumentmanager_sendfile_gd.jsp;.js SQL 注入漏洞
- POC 万户ezOFFICE协同管理平台 /defaultroot/modules/govoffice/gov_documentmanager/receivefile_gd.jsp;.js SQL 注入漏洞
- Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236)
- Adobe ColdFusion /hax/..CFIDE/wizards/common/utils.cfc 权限绕过漏洞(CVE-2023-38205)
- (CVE-2025-54253)Adobe Experience Manager配置错误导致任意代码执行漏洞
- 万户OA informationmanager_upload.jsp 任意文件上传漏洞
- Adobe Commerce 输入验证不当漏洞 可导致远程代码执行
- (CVE-2025-54251)Adobe Experience Manager XML注入漏洞导致安全功能绕过
- (CVE-2025-54249) Adobe Experience Manager SSRF漏洞导致安全功能绕过
- alertmanager-unauth: Alertmanager 未授权访问
- mapgis-cloud-manager-local-file-read: MapGis Cloud Manager Local File Read
- coremail-manager-password-disclosure: Coremail 邮件系统未授权访问获取管理员账密