Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia coldfusion 6.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4342
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote malicious users to "bypass security controls," aka "JRun Clustered Sandbox Secu...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
NA
CVE-2005-4343
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote malicious users to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL inje...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
NA
CVE-2004-2204
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
NA
CVE-2004-2505
Macromedia ColdFusion MX prior to 6.1 does not restrict the size of error messages, which allows remote malicious users to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Macromedia Coldfusion 6.0
Macromedia Coldfusion 5.0
1 EDB exploit
NA
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 01 1
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Hitachi Cosminexus Server Web 01-01 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
NA
CVE-2004-0646
Buffer overflow in the WriteToLog function for JRun 3.0 up to and including 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote malicious users to execute arbitrary code via a long HTTP header Content-Type fie...
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Macromedia Jrun 4.0
NA
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 01 1
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Hitachi Cosminexus Server Web 01-01 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
NA
CVE-2004-1815
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote malicious users to cause a denial of service (memory consumption).
Sun One Application Server 7.0
Macromedia Jrun 4.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Macromedia Jrun 4.0 Build 61650
NA
CVE-2003-1469
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote malicious users to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.
Macromedia Coldfusion
Macromedia Coldfusion 6.0
Macromedia Coldfusion Professional
1 EDB exploit
NA
CVE-2002-1700
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote malicious users to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulti...
Microsoft Internet Information Services 5.0
Macromedia Coldfusion 6.0
Microsoft Windows 2000
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »