CVE-2018-15961

This exploit demonstrates an unrestricted file upload vulnerability in Adobe ColdFusion 2018 (CVE-2018-15961). It allows an attacker to upload a malicious file by sending a crafted multipart/form-data POST request to the vulnerable endpoint, bypassing file type restrictions.

This PoC demonstrates an unrestricted file upload vulnerability in Adobe ColdFusion, allowing arbitrary file upload via a multipart/form-data POST request to a specific endpoint. The uploaded file can then be accessed, potentially leading to remote code execution.

This repository contains a Python-based exploit for CVE-2018-15961, which targets Adobe ColdFusion 2018. The exploit uploads a JSP reverse shell via a vulnerable endpoint and triggers it to establish a connection to an attacker-controlled host.

This exploit targets CVE-2018-15961, an RCE vulnerability in Adobe ColdFusion. It uploads a JSP reverse shell via a malicious POST request to a vulnerable endpoint and triggers it via a GET request.

This repository is a stub for Cved, a tool to manage vulnerable Docker containers, and does not contain actual exploit code. It references an image source for CVE-2018-15961 but provides no functional PoC.

This exploit leverages an unrestricted file upload vulnerability in Adobe ColdFusion 2018 (CVE-2018-15961) to upload a malicious JSP file containing a reverse shell payload. The payload establishes a connection to an attacker-controlled listener, enabling remote code execution.

This Metasploit module exploits an unrestricted file upload vulnerability in Adobe ColdFusion's CKEditor (CVE-2018-15961). It uploads a malicious JSP payload via a multipart form request and triggers execution by accessing the uploaded file.