Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2306
Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users.
Macromedia Coldfusion 6.1
Macromedia Coldfusion 7.0
Macromedia Jrun 4.0
NA
CVE-2004-1477
Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote malicious users to execute arbitrary web script or HTML and possibly hijack a user's session.
Macromedia Jrun 4.0
Macromedia Jrun 3.0
Macromedia Jrun 3.1
NA
CVE-2002-0665
Macromedia JRun Administration Server allows remote malicious users to bypass authentication on the login form via an extra slash (/) in the URL.
Macromedia Jrun 4.0
Macromedia Jrun 3.0
Macromedia Jrun 3.1
1 EDB exploit
NA
CVE-2002-0937
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
1 EDB exploit
NA
CVE-2002-2186
Macromedia JRun 3.0, 3.1, and 4.0 allow remote malicious users to view the source code of .JSP files via Unicode encoded character values in a URL.
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Macromedia Jrun 4.0
NA
CVE-2002-2187
Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact.
Macromedia Jrun 3.0
Macromedia Jrun 4.0
Macromedia Jrun 3.1
NA
CVE-2005-4342
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote malicious users to "bypass security controls," aka "JRun Clustered Sandbox Secu...
Macromedia Coldfusion 7.0
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
NA
CVE-2005-4343
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote malicious users to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL inje...
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Macromedia Coldfusion 7.0
NA
CVE-2002-1025
JRun 3.0 up to and including 4.0 allows remote malicious users to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Macromedia Jrun 4.0
NA
CVE-2001-0926
SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote malicious users to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.
Macromedia Jrun 2.3.3
Macromedia Jrun 3.0
Macromedia Jrun 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »