Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-4159
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
6.1
CVSSv3
CVE-2016-1113
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
5.9
CVSSv3
CVE-2016-1115
Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle malicious users to spoof servers via a crafted certificate.
Adobe Coldfusion 10.0
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
5.5
CVSSv3
CVE-2023-44347
Adobe InDesign versions ID18.5 (and previous versions) and ID17.4.2 (and previous versions) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the cu...
5.5
CVSSv3
CVE-2004-2331
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
Macromedia Coldfusion 6.1
5.4
CVSSv3
CVE-2021-21087
Adobe Coldfusion versions 2016 (update 16 and previous versions), 2018 (update 10 and previous versions) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An attacker could abuse th...
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 2021.0.0.323925
5.3
CVSSv3
CVE-2023-38206
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to a...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
5.3
CVSSv3
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
5.3
CVSSv3
CVE-2018-15963
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
4.9
CVSSv3
CVE-2023-26361
Adobe ColdFusion versions 2018 Update 15 (and previous versions) and 2021 Update 5 (and previous versions) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Ex...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »