Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26360
Adobe ColdFusion versions 2018 Update 15 (and previous versions) and 2021 Update 5 (and previous versions) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does no...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
2 Metasploit modules
2 Github repositories
1 Article
NA
CVE-2022-35690
Adobe ColdFusion versions Update 14 (and previous versions) and Update 4 (and previous versions) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not requi...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
NA
CVE-2022-35710
Adobe ColdFusion versions Update 14 (and previous versions) and Update 4 (and previous versions) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not requi...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
NA
CVE-2022-35711
Adobe ColdFusion versions Update 14 (and previous versions) and Update 4 (and previous versions) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not requir...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
NA
CVE-2022-35712
Adobe ColdFusion versions Update 14 (and previous versions) and Update 4 (and previous versions) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not requir...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
383
VMScore
CVE-2015-5255
Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x prior to 3.0.0.354175, 3.1.x prior to 3.1.0.354180, 4.5.x prior to 4.5.1.354177, 4.6.2.x prior to 4.6.2.354178, and 4.7.x prior to 4.7.0.354178, allows remote malicio...
Hp Xp7 Command View Advanced Edition -
Hp Xp P9000 Command View Advanced Edition -
Adobe Coldfusion
Adobe Livecycle Data Services 4.6
Adobe Livecycle Data Services 4.7
Adobe Livecycle Data Services 3.0
Adobe Livecycle Data Services 4.5
445
VMScore
CVE-2015-3269
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x prior to 3.0.0.354170, 4.5 prior to 4.5.1.354169, 4.6.2 prior to 4.6.2.354169, and 4.7 prior to 4.7.0.354169 and other products, allows remote malicious users to read arbitrary f...
Hp Business Service Management
Adobe Livecycle Data Services 3.0
Adobe Livecycle Data Services 4.5
Adobe Livecycle Data Services 4.6
Adobe Livecycle Data Services 4.7
3 Articles
383
VMScore
CVE-2014-2860
Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
668
VMScore
CVE-2014-2865
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion...
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
890
VMScore
CVE-2014-2867
Unrestricted file upload vulnerability in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to execute arbitrary code by uploading a ColdFusion page, and then accessing it via unspecified vectors.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »