Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2004-0646
Buffer overflow in the WriteToLog function for JRun 3.0 up to and including 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote malicious users to execute arbitrary code via a long HTTP header Content-Type fie...
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Macromedia Jrun 4.0
Macromedia Jrun 3.0
Macromedia Jrun 3.1
890
VMScore
CVE-2001-1514
ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess function an...
Macromedia Coldfusion 5.0
Macromedia Coldfusion 4.5
890
VMScore
CVE-1999-0760
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
Allaire Coldfusion Server 4.0
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 3.1.1
Allaire Coldfusion Server 3.1.2
Allaire Coldfusion Server 3.0.1
Allaire Coldfusion Server 3.1
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
782
VMScore
CVE-2010-2861
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and previous versions allow remote malicious users to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) ...
Adobe Coldfusion 9.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion
2 EDB exploits
1 Nmap script
24 Github repositories
1 Article
757
VMScore
CVE-2009-2265
Multiple directory traversal vulnerabilities in FCKeditor prior to 2.6.4.1 allow remote malicious users to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code ex...
Fckeditor Fckeditor
Fckeditor Fckeditor 2.4.3
Fckeditor Fckeditor 2.5.1
Fckeditor Fckeditor 2.5
Fckeditor Fckeditor 2.3
Fckeditor Fckeditor 2.1.1
Fckeditor Fckeditor 2.0 Rc2
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.6.3
Fckeditor Fckeditor 2.6.2
Fckeditor Fckeditor 2.4
Fckeditor Fckeditor 2.3.3
Fckeditor Fckeditor 2.0
Fckeditor Fckeditor 2.0 Fc
Fckeditor Fckeditor 2.4.2
Fckeditor Fckeditor 2.4.1
Fckeditor Fckeditor 2.1
Fckeditor Fckeditor 2.6.4
Fckeditor Fckeditor 2.0rc3
Fckeditor Fckeditor 2.2
Fckeditor Fckeditor 2.6.1
Fckeditor Fckeditor 2.6
1 EDB exploit
6 Github repositories
755
VMScore
CVE-2000-0057
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote malicious users to obtain sensitive system information.
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 4.0
1 EDB exploit
755
VMScore
CVE-1999-0455
The Expression Evaluator sample application in ColdFusion allows remote malicious users to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
Allaire Coldfusion Server 4.0
1 EDB exploit
755
VMScore
CVE-1999-0477
The Expression Evaluator in the ColdFusion Application Server allows a remote malicious user to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
Allaire Coldfusion Server 3.01
Allaire Coldfusion Server 3.11
Allaire Coldfusion Server 3.12
Allaire Coldfusion Server 4.0
1 EDB exploit
694
VMScore
CVE-2013-5328
Adobe ColdFusion 10 before Update 12 allows remote malicious users to read arbitrary files via unspecified vectors.
Adobe Coldfusion 10.0
Adobe Coldfusion
685
VMScore
CVE-2013-0625
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote malicious users to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
Adobe Coldfusion 9.0.2
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »