Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe coldfusion 2016 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-10145
The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021\. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 2021
9.8
CVSSv3
CVE-2019-7816
ColdFusion versions Update 2 and previous versions, Update 9 and previous versions, and Update 17 and previous versions have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
1 Article
5.9
CVSSv3
CVE-2016-1115
Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle malicious users to spoof servers via a crafted certificate.
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
Adobe Coldfusion 10.0
9.8
CVSSv3
CVE-2019-7839
ColdFusion versions Update 3 and previous versions, Update 10 and previous versions, and Update 18 and previous versions have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
1 Article
9.8
CVSSv3
CVE-2019-7840
ColdFusion versions Update 3 and previous versions, Update 10 and previous versions, and Update 18 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
1 Article
9.8
CVSSv3
CVE-2018-15958
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
9.8
CVSSv3
CVE-2018-15961
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
5 Github repositories
5.3
CVSSv3
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
5.3
CVSSv3
CVE-2018-15963
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
7.5
CVSSv3
CVE-2018-15964
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »