Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2005-4074

Published: 08/12/2005 Updated: 20/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Cf Nuke

Vulnerability Summary

Directory traversal vulnerability in index.cfm in CF_Nuke 4.6 and previous versions, when Sandbox Security is disabled, allows remote malicious users to include arbitrary local .cfm files via a .. (dot dot) in the (1) sector or (2) page parameters.

Vulnerable Product Search on Vulmon Subscribe to Product

mycfnuke cf nuke 4.6

Exploits

Exploit DB: CF_Nuke 4.6 - 'index.cfm' Local File Inclusion
source: wwwsecurityfocuscom/bid/15777/info CF_Nuke is prone to a local file include vulnerability This is due to a lack of sanitization of user-supplied input This may facilitate the unauthorized viewing of files and unauthorized execution of local ColdFusion code It should be noted that successful exploitation requires that "Sandbox ...

References

NVD-CWE-Otherhttp://secunia.com/advisories/17939http://www.securityfocus.com/bid/15777http://www.osvdb.org/21505http://pridels0.blogspot.com/2005/12/cfnuke-v46-multiple-vuln.htmlhttp://www.vupen.com/english/advisories/2005/2795https://exchange.xforce.ibmcloud.com/vulnerabilities/23539https://nvd.nist.govhttps://www.exploit-db.com/exploits/26766/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook