Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2009-1877
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.
Adobe Coldfusion 6.0
Adobe Coldfusion 6.1
Adobe Coldfusion 7.0.2
Adobe Coldfusion 7.2
Adobe Coldfusion 7.0
Adobe Coldfusion 7.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion 8.1
Adobe Coldfusion
668
VMScore
CVE-2001-1427
Unknown vulnerability in ColdFusion Server 2.0 up to and including 4.5.1 SP2 allows remote malicious users to overwrite templates with zero byte files via unknown attack vectors.
Macromedia Coldfusion 4.0
Macromedia Coldfusion 4.0.1
Macromedia Coldfusion 3.0.1
Macromedia Coldfusion 3.1
Macromedia Coldfusion 4.5.1
Macromedia Coldfusion 2.0
Macromedia Coldfusion 3.0
Macromedia Coldfusion 4.5
Macromedia Coldfusion 3.1.1
Macromedia Coldfusion 3.1.2
445
VMScore
CVE-2009-1876
Adobe ColdFusion 8.0.1 and previous versions might allow malicious users to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
Adobe Coldfusion 6.0
Adobe Coldfusion 7.0.1
Adobe Coldfusion 7.0.2
Adobe Coldfusion
Adobe Coldfusion 6.1
Adobe Coldfusion 7.0
Adobe Coldfusion 7.2
Adobe Coldfusion 8.0
445
VMScore
CVE-2012-2048
Unspecified vulnerability in Adobe ColdFusion 10 and previous versions allows malicious users to cause a denial of service via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion
Adobe Coldfusion 9.0.2
Adobe Coldfusion 9.0.1
312
VMScore
CVE-2013-5326
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via unspecifi...
Adobe Coldfusion 9.0.2
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0
Adobe Coldfusion 10.0
Adobe Coldfusion
570
VMScore
CVE-2001-1120
Vulnerabilities in ColdFusion 2.0 up to and including 4.5.1 SP 2 allow remote malicious users to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
Allaire Coldfusion Server 3.1
Allaire Coldfusion Server 3.1.1
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 4.5
Allaire Coldfusion Server 3.1.2
Allaire Coldfusion Server 4.0
Allaire Coldfusion Server 3.0
Allaire Coldfusion Server 3.0.1
Allaire Coldfusion Server 4.5.1
Allaire Coldfusion Server 4.5.1 Sp1
Allaire Coldfusion Server 4.5.1 Sp2
605
VMScore
CVE-2014-0570
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote malicious users to hijack the authentication of unspecified victims via unknown vecto...
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0.2
Adobe Coldfusion 11.0
383
VMScore
CVE-2014-0571
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.2
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 9.0.1
409
VMScore
CVE-2014-0572
Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows local users to bypass intended IP-based access restrictions via unspecified vectors.
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0
Adobe Coldfusion 11.0
505
VMScore
CVE-2000-0538
ColdFusion Administrator for ColdFusion 4.5.1 and previous versions allows remote malicious users to cause a denial of service via a long login password.
Allaire Coldfusion Server 3.01
Allaire Coldfusion Server 3.1
Allaire Coldfusion Server 4.0
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 3.11
Allaire Coldfusion Server 3.12
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
Allaire Coldfusion Server 4.5
Allaire Coldfusion Server 4.5.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »