Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-4342
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote malicious users to "bypass security controls," aka "JRun Clustered Sandbox Secu...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
5
CVSSv2
CVE-2005-4343
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote malicious users to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL inje...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
10
CVSSv2
CVE-2018-15957
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
10
CVSSv2
CVE-2018-15959
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
6.4
CVSSv2
CVE-2018-15960
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to arbitrary file overwrite.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
10
CVSSv2
CVE-2018-15961
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
5 Github repositories
5
CVSSv2
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
5
CVSSv2
CVE-2018-15963
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
3.5
CVSSv2
CVE-2021-21087
Adobe Coldfusion versions 2016 (update 16 and previous versions), 2018 (update 10 and previous versions) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An attacker could abuse th...
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 2021.0.0.323925
NA
CVE-2023-38203
Adobe ColdFusion versions 2018u17 (and previous versions), 2021u7 (and previous versions) and 2023u1 (and previous versions) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not requir...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »