Skip to content
master
Switch branches/tags
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Jul 12, 2018
Jul 12, 2018

Build Status

aemscan

Adobe Experience Manager Vulnerability Scanner

https://raz0r.name/releases/adobe-experience-manager-vulnerability-scanner/

Features

  • Default credentials bruteforce
  • Info leak via default error page
  • WebDav support check (WebDav OSGI XXE CVE-2015-1833)
  • Version detection
  • Useful paths scanner

Installation

$ python setup.py install

Usage

$ aemscan <url>

TODO

  • CVE-2016-0956 "Apache Sling Framework 2.3.6 Information Disclosure"
  • CVE-2018-5006, CVE-2018-12809 "Adobe Experience Manager Server-Side Request Forgery"

Links