Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2001-0179
Allaire JRun 3.0 allows remote malicious users to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."
Macromedia Jrun 3.0
7.2
CVSSv2
CVE-2005-4345
Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.
Macromedia Coldfusion 7.0
5
CVSSv2
CVE-2002-1026
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote malicious users to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow.
Macromedia Sitespring 1.2.0
5
CVSSv2
CVE-2000-1050
Allaire JRun 3.0 http servlet server allows remote malicious users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Macromedia Jrun 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2002-1027
Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote malicious users to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter.
Macromedia Sitespring 1.2.0
1 EDB exploit
2.1
CVSSv2
CVE-2005-4344
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.
Macromedia Coldfusion 7.0
5.8
CVSSv2
CVE-2006-2364
Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which i...
Macromedia Coldfusion 5.0
2.1
CVSSv2
CVE-1999-1271
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
Macromedia Dreamweaver Initial
5
CVSSv2
CVE-2002-0476
Standalone Macromedia Flash Player 5.0 allows remote malicious users to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand.
Macromedia Flash Player 5.0
5
CVSSv2
CVE-2000-1052
Allaire JRun 2.3 server allows remote malicious users to obtain source code for executable content by directly calling the SSIFilter servlet.
Macromedia Jrun 2.3.x
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »