Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe coldfusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-8256
ColdFusion versions Update 6 and previous versions have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation.
Adobe Coldfusion 2018
1 Article
7.5
CVSSv2
CVE-2017-11283
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and previous versions versions for ColdFusion 2016, and Update 12 and previous versions versions for ColdFusion 11.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
1 Article
7.5
CVSSv2
CVE-2017-11284
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and previous versions versions for ColdFusion 2016, and Update 12 and previous versions versions for ColdFusion 11.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
1 Article
7.5
CVSSv2
CVE-2016-1114
Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
7.5
CVSSv2
CVE-2013-1387
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows malicious users to impersonate users via unknown vectors.
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
7.5
CVSSv2
CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows malicious users to obtain administrator-console access via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0.2
Adobe Coldfusion 9.0.1
7.5
CVSSv2
CVE-2010-2861
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and previous versions allow remote malicious users to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) ...
Adobe Coldfusion 9.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion
2 EDB exploits
1 Nmap script
24 Github repositories
1 Article
7.5
CVSSv2
CVE-2009-2265
Multiple directory traversal vulnerabilities in FCKeditor prior to 2.6.4.1 allow remote malicious users to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code ex...
Fckeditor Fckeditor
Fckeditor Fckeditor 2.4.3
Fckeditor Fckeditor 2.5.1
Fckeditor Fckeditor 2.5
Fckeditor Fckeditor 2.3
Fckeditor Fckeditor 2.1.1
Fckeditor Fckeditor 2.0 Rc2
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.6.3
Fckeditor Fckeditor 2.6.2
Fckeditor Fckeditor 2.4
Fckeditor Fckeditor 2.3.3
Fckeditor Fckeditor 2.0
Fckeditor Fckeditor 2.0 Fc
Fckeditor Fckeditor 2.4.2
Fckeditor Fckeditor 2.4.1
Fckeditor Fckeditor 2.1
Fckeditor Fckeditor 2.6.4
Fckeditor Fckeditor 2.0rc3
Fckeditor Fckeditor 2.2
Fckeditor Fckeditor 2.6.1
Fckeditor Fckeditor 2.6
1 EDB exploit
6 Github repositories
7.5
CVSSv2
CVE-2008-1656
Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, which allows remote malicious users to invoke these methods via Flex 2 remoting, a different vulnerability than CVE-2006-4725.
Adobe Coldfusion 8.0
Adobe Coldfusion 8.1
7.5
CVSSv2
CVE-2008-1203
The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote malicious users to conduct brute force attacks without detection.
Adobe Coldfusion 7.0
Adobe Coldfusion 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »