Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-0923
Sample runnable code snippets in ColdFusion Server 4.0 allow remote malicious users to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
Allaire Coldfusion Server 4.0
NA
CVE-1999-0924
The Syntax Checker in ColdFusion Server 4.0 allows remote malicious users to conduct a denial of service.
Allaire Coldfusion Server 4.0
NA
CVE-1999-0922
An example application in ColdFusion Server 4.0 allows remote malicious users to view source code via the sourcewindow.cfm file.
Allaire Coldfusion Server 4.0
NA
CVE-2000-0538
ColdFusion Administrator for ColdFusion 4.5.1 and previous versions allows remote malicious users to cause a denial of service via a long login password.
Allaire Coldfusion Server 3.01
Allaire Coldfusion Server 3.1
Allaire Coldfusion Server 4.0
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 3.11
Allaire Coldfusion Server 3.12
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
Allaire Coldfusion Server 4.5
Allaire Coldfusion Server 4.5.1
1 EDB exploit
NA
CVE-2000-0410
ColdFusion Server 4.5.1 allows remote malicious users to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory.
Allaire Coldfusion Server 4.5.1
NA
CVE-2000-0189
ColdFusion Server 4.x allows remote malicious users to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.
Allaire Coldfusion Server 4.0
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 4.5
NA
CVE-2000-0057
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote malicious users to obtain sensitive system information.
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 4.0
1 EDB exploit
NA
CVE-1999-1124
HTTP Client application in ColdFusion allows remote malicious users to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from...
Allaire Coldfusion
NA
CVE-1999-0455
The Expression Evaluator sample application in ColdFusion allows remote malicious users to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
Allaire Coldfusion Server 4.0
1 EDB exploit
NA
CVE-1999-0477
The Expression Evaluator in the ColdFusion Application Server allows a remote malicious user to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
Allaire Coldfusion Server 3.01
Allaire Coldfusion Server 3.11
Allaire Coldfusion Server 3.12
Allaire Coldfusion Server 4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4