Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-1387
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows malicious users to impersonate users via unknown vectors.
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
7.5
CVSSv2
CVE-2013-1388
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows malicious users to obtain administrator-console access via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0.2
Adobe Coldfusion 9.0.1
7.5
CVSSv2
CVE-2010-2861
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and previous versions allow remote malicious users to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) ...
Adobe Coldfusion 9.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 8.0
Adobe Coldfusion
2 EDB exploits
1 Nmap script
24 Github repositories
1 Article
7.5
CVSSv2
CVE-2009-2265
Multiple directory traversal vulnerabilities in FCKeditor prior to 2.6.4.1 allow remote malicious users to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code ex...
Fckeditor Fckeditor
Fckeditor Fckeditor 2.4.3
Fckeditor Fckeditor 2.5.1
Fckeditor Fckeditor 2.5
Fckeditor Fckeditor 2.3
Fckeditor Fckeditor 2.1.1
Fckeditor Fckeditor 2.0 Rc2
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.6.3
Fckeditor Fckeditor 2.6.2
Fckeditor Fckeditor 2.4
Fckeditor Fckeditor 2.3.3
Fckeditor Fckeditor 2.0
Fckeditor Fckeditor 2.0 Fc
Fckeditor Fckeditor 2.4.2
Fckeditor Fckeditor 2.4.1
Fckeditor Fckeditor 2.1
Fckeditor Fckeditor 2.6.4
Fckeditor Fckeditor 2.0rc3
Fckeditor Fckeditor 2.2
Fckeditor Fckeditor 2.6.1
Fckeditor Fckeditor 2.6
1 EDB exploit
6 Github repositories
7.5
CVSSv2
CVE-2008-1656
Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, which allows remote malicious users to invoke these methods via Flex 2 remoting, a different vulnerability than CVE-2006-4725.
Adobe Coldfusion 8.0
Adobe Coldfusion 8.1
7.5
CVSSv2
CVE-2008-1203
The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote malicious users to conduct brute force attacks without detection.
Adobe Coldfusion 7.0
Adobe Coldfusion 8.0
7.5
CVSSv2
CVE-2006-2042
Adobe Dreamweaver 8 prior to 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
Adobe Dreamweaver 7.0
Adobe Dreamweaver 8.0
7.5
CVSSv2
CVE-2005-4342
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote malicious users to "bypass security controls," aka "JRun Clustered Sandbox Secu...
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
7.5
CVSSv2
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 02 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
7.5
CVSSv2
CVE-2002-1309
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote malicious users to execute arbitrary via an HTTP GET request with a long .cfm file name.
Macromedia Coldfusion 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »