Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-3336
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote malicious users to read arbitrary files via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
1 EDB exploit
1 Article
6.8
CVSSv2
CVE-2013-0625
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote malicious users to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
Adobe Coldfusion 9.0.2
Adobe Coldfusion 10.0
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
1 EDB exploit
7.5
CVSSv2
CVE-1999-0477
The Expression Evaluator in the ColdFusion Application Server allows a remote malicious user to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
Allaire Coldfusion Server 3.01
Allaire Coldfusion Server 3.11
Allaire Coldfusion Server 3.12
Allaire Coldfusion Server 4.0
1 EDB exploit
NA
CVE-2021-40698
ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
NA
CVE-2021-40699
ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and ma...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
NA
CVE-2023-26347
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the admini...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
10
CVSSv2
CVE-2010-5290
The authentication process in Adobe ColdFusion prior to 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent malicious users to obtain administrative privileges by leveraging read access to the configur...
Adobe Coldfusion 9.0
Adobe Coldfusion
Adobe Coldfusion 9.0.1
NA
CVE-2023-44350
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
NA
CVE-2023-44351
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
NA
CVE-2023-44352
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious J...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »