Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-15961
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
5 Github repositories
5.3
CVSSv3
CVE-2018-15962
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
5.3
CVSSv3
CVE-2018-15963
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
Adobe Coldfusion 11.0
Adobe Coldfusion 2016
Adobe Coldfusion 2018
9.8
CVSSv3
CVE-2018-15965
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and previous versions, and Update 14 and previous versions have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Coldfusion 2016
Adobe Coldfusion 11.0
Adobe Coldfusion 2018
NA
CVE-2007-0817
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote malicious users to inject arbitrary HTML or web script via the User-Agent HTTP header, which is not sanitized before being displayed in an error page.
Adobe Coldfusion 7.0.1
Adobe Coldfusion 7.0.2
Adobe Coldfusion 6.1
1 EDB exploit
9.8
CVSSv3
CVE-2023-38203
Adobe ColdFusion versions 2018u17 (and previous versions), 2021u7 (and previous versions) and 2023u1 (and previous versions) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not requir...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
9.8
CVSSv3
CVE-2023-38204
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not requir...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
7.5
CVSSv3
CVE-2023-38205
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to a...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
5.3
CVSSv3
CVE-2023-38206
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to a...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
NA
CVE-2012-2041
CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 up to and including 9.0.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Adobe Coldfusion 8.0
Adobe Coldfusion 8.0.1
Adobe Coldfusion 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »