Friday, August 30, 2013

Multiple Adobe Bugs by Me

Open Redirector:  https://tv.adobe.com/session/?redirect=http://google.com

if a user is logged in adobe..and clicks the link, he'll be automatically redirected to google.com thus an attacker can put an encoded malicious link to harm users of adobe.


Directory Listing:

http://groups.adobe.com/CFIDE/
http://groups.adobe.com/CFIDE/adminapi/
http://groups.adobe.com/CFIDE/administrator/images/
http://groups.adobe.com/CFIDE/scripts
http://groups.adobe.com/CFIDE/images/
http://groups.adobe.com/CFIDE/debug
http://groups.adobe.com/CFIDE/portlets/

and so on....


Open FCKEeditors-

http://groups.adobe.com/CFIDE/scripts/ajax/FCKeditor/editor./filemanager/browser/default/browser.html


http://groups.adobe.com/CFIDE/scripts/ajax/FCKeditor/editor/fckeditor.original.html



Open FIle uploads-

http://groups.adobe.com/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/browser/default/frmupload.html



1 comments:

  1. Nice technology!
    How I can do the same with this software?
    http://www.pos-texas.com/
    Your response is very important to me. It's gonna be nice to get feedback from your service.

    ReplyDelete