Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-29301
Adobe ColdFusion versions 2018u16 (and previous versions), 2021u6 (and previous versions) and 2023.0.0.330468 (and previous versions) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An atta...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
NA
CVE-2021-40698
ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
NA
CVE-2021-40699
ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and ma...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
890
VMScore
CVE-2010-5290
The authentication process in Adobe ColdFusion prior to 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent malicious users to obtain administrative privileges by leveraging read access to the configur...
Adobe Coldfusion 9.0
Adobe Coldfusion
Adobe Coldfusion 9.0.1
NA
CVE-2023-26347
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the admini...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
383
VMScore
CVE-2022-28818
ColdFusion versions CF2021U3 (and previous versions) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within t...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
383
VMScore
CVE-2016-4159
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
668
VMScore
CVE-2005-4342
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote malicious users to "bypass security controls," aka "JRun Clustered Sandbox Secu...
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
445
VMScore
CVE-2005-4343
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote malicious users to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL inje...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Macromedia Coldfusion 7.0
445
VMScore
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »