Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2364
Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which i...
Macromedia Coldfusion 5.0
5.5
CVSSv3
CVE-2004-2331
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
Macromedia Coldfusion 6.1
NA
CVE-2002-0846
The decoder for Macromedia Shockwave Flash allows remote malicious users to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
Macromedia Shockwave Flash
NA
CVE-2002-1026
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote malicious users to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow.
Macromedia Sitespring 1.2.0
NA
CVE-2002-1027
Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote malicious users to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter.
Macromedia Sitespring 1.2.0
1 EDB exploit
NA
CVE-2000-0540
JSP sample files in Allaire JRun 2.3.x allow remote malicious users to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
Macromedia Jrun 2.3
NA
CVE-2004-2330
ColdFusion MX 6.1 and 6.1 J2EE allows remote malicious users to cause a denial of service via an HTTP request containing a large number of form fields.
Macromedia Coldfusion 6.1
NA
CVE-2001-1512
Unknown vulnerability in Allaire JRun 3.1 allows remote malicious users to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050.
Macromedia Jrun 3.1
NA
CVE-2006-6885
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote malicious users to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
Macromedia Shockwave 10
1 EDB exploit
NA
CVE-2005-3112
The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.
Macromedia Breeze 5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »