Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe coldfusion 8.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-2861
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and previous versions allow remote malicious users to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) ...
Adobe Coldfusion 9.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion
2 EDB exploits
1 Nmap script
24 Github repositories
1 Article
7.5
CVSSv2
CVE-2008-1656
Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, which allows remote malicious users to invoke these methods via Flex 2 remoting, a different vulnerability than CVE-2006-4725.
Adobe Coldfusion 8.0
Adobe Coldfusion 8.1
7.5
CVSSv2
CVE-2008-1203
The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote malicious users to conduct brute force attacks without detection.
Adobe Coldfusion 7.0
Adobe Coldfusion 8.0
7.5
CVSSv2
CVE-2006-2042
Adobe Dreamweaver 8 prior to 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
Adobe Dreamweaver 7.0
Adobe Dreamweaver 8.0
7.2
CVSSv2
CVE-2008-4831
Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusion MX 7.0.2 allows local users to bypass sandbox restrictions, and obtain sensitive information or possibly gain privileges, via unknown vectors.
Adobe Coldfusion 8.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 7.2
6.8
CVSSv2
CVE-2011-0629
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion 8.0.1
6.8
CVSSv2
CVE-2007-5905
Adobe ColdFusion 8 and MX 7 allows remote malicious users to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN cookies have empty values, possibly due to a session fixation vulnerabilit...
Adobe Coldfusion 8.0
Adobe Coldfusion 7.0
5.8
CVSSv2
CVE-2009-1878
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and previous versions allows remote malicious users to hijack web sessions via unspecified vectors.
Adobe Coldfusion 7.2
Adobe Coldfusion 7.0
Adobe Coldfusion 6.0
Adobe Coldfusion 7.0.2
Adobe Coldfusion 7.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion 8.1
Adobe Coldfusion 6.1
Adobe Coldfusion
5
CVSSv2
CVE-2012-2048
Unspecified vulnerability in Adobe ColdFusion 10 and previous versions allows malicious users to cause a denial of service via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion
Adobe Coldfusion 9.0.2
Adobe Coldfusion 9.0.1
5
CVSSv2
CVE-2012-0770
Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion 8.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »