Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2018-7486
Blue River Mura CMS before v7.0.7029 supports inline function calls with an [m] tag and [/m] end tag, without proper restrictions on file types or pathnames, which allows remote malicious users to execute arbitrary code via an [m]$.dspinclude("../pathname/executable.jpeg&quo...
Blueriver Muracms
6.5
CVSSv3
CVE-2020-3767
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insufficient input validation vulnerability. Successful exploitation could lead to application-level denial-of-service (dos).
Adobe Coldfusion 2016
Adobe Coldfusion 2018
6.5
CVSSv3
CVE-2020-3796
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability. Successful exploitation could lead to system file structure disclosure.
Adobe Coldfusion 2016
Adobe Coldfusion 2018
6.1
CVSSv3
CVE-2023-44352
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious J...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
6.1
CVSSv3
CVE-2022-28818
ColdFusion versions CF2021U3 (and previous versions) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within t...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion
6.1
CVSSv3
CVE-2019-7092
ColdFusion versions Update 1 and previous versions, Update 7 and previous versions, and Update 15 and previous versions have a cross site scripting vulnerability. Successful exploitation could lead to information disclosure .
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
Adobe Coldfusion 2018
6.1
CVSSv3
CVE-2018-4941
Adobe ColdFusion Update 5 and previous versions versions, ColdFusion 11 Update 13 and previous versions versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
6.1
CVSSv3
CVE-2018-4940
Adobe ColdFusion Update 5 and previous versions versions, ColdFusion 11 Update 13 and previous versions versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
6.1
CVSSv3
CVE-2017-11285
Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and previous versions versions for ColdFusion 2016, and Update 12 and previous versions versions for ColdFusion 11.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
1 Article
6.1
CVSSv3
CVE-2017-3008
Adobe ColdFusion 2016 Update 3 and previous versions, ColdFusion 11 update 11 and previous versions, ColdFusion 10 Update 22 and previous versions have a reflected cross-site scripting vulnerability.
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »