Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-44353
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
NA
CVE-2021-40699
ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and ma...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
NA
CVE-2021-40698
ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
10
CVSSv2
CVE-2010-5290
The authentication process in Adobe ColdFusion prior to 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent malicious users to obtain administrative privileges by leveraging read access to the configur...
Adobe Coldfusion 9.0
Adobe Coldfusion
Adobe Coldfusion 9.0.1
NA
CVE-2023-26347
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the admini...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
4.3
CVSSv2
CVE-2022-28818
ColdFusion versions CF2021U3 (and previous versions) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within t...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
10
CVSSv2
CVE-2019-7840
ColdFusion versions Update 3 and previous versions, Update 10 and previous versions, and Update 18 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
1 Article
NA
CVE-2023-38205
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to a...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
10
CVSSv2
CVE-2018-15961
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
5 Github repositories
5
CVSSv2
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »