Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-3349
Unspecified vulnerability in Adobe ColdFusion 9.0 up to and including 9.0.2, when the JRun application server is used, allows remote malicious users to cause a denial of service via unknown vectors.
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
7.5
CVSSv2
CVE-2005-4342
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote malicious users to "bypass security controls," aka "JRun Clustered Sandbox Secu...
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
5
CVSSv2
CVE-2005-4343
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote malicious users to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL inje...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Macromedia Coldfusion 7.0
10
CVSSv2
CVE-2018-15957
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
10
CVSSv2
CVE-2018-15958
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2018
Adobe Coldfusion 2016
10
CVSSv2
CVE-2018-15959
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
10
CVSSv2
CVE-2018-15961
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
5 Github repositories
5
CVSSv2
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
5
CVSSv2
CVE-2018-15963
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
10
CVSSv2
CVE-2018-15965
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
Adobe Coldfusion 2018
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »