Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-1872
HistoryAug 18, 2009 - 10:30 p.m.

CVE-2009-1872

2009-08-1822:30:00
CWE-79
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.327 Low

EPSS

Percentile

97.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.

Affected configurations

NVD
Node
adobecoldfusionRange8.0.1
OR
adobecoldfusionMatch6.0
OR
adobecoldfusionMatch6.0enterprise_multi-server
OR
adobecoldfusionMatch6.0enterprise_server
OR
adobecoldfusionMatch6.0linux
OR
adobecoldfusionMatch6.0solaris
OR
adobecoldfusionMatch6.1
OR
adobecoldfusionMatch6.1enterprise_multi-server
OR
adobecoldfusionMatch6.1enterprise_server
OR
adobecoldfusionMatch6.1linux
OR
adobecoldfusionMatch6.1solaris
OR
adobecoldfusionMatch7.0
OR
adobecoldfusionMatch7.0enterprise_multi-server
OR
adobecoldfusionMatch7.0enterprise_server
OR
adobecoldfusionMatch7.0linux
OR
adobecoldfusionMatch7.0solaris
OR
adobecoldfusionMatch7.0.1
OR
adobecoldfusionMatch7.0.2
OR
adobecoldfusionMatch7.2unknownmx
OR
adobecoldfusionMatch8.0
OR
adobecoldfusionMatch8.1

Related

prion 1
packetstorm 1
checkpoint_advisories 1
securityvulns 2
cve 1
nuclei 1
cvelist 1
nessus 1
prion
prion
Cross site scripting
2009-08-18 22:30:00
packetstorm
packetstorm
Adobe Coldfusion 8 XSS / XSRF
2009-08-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe ColdFusion Server Cross-Site Request Forgery (APSB09-12; CVE-2009-1872)
2009-09-14 00:00:00
securityvulns
securityvulns
[DSECRG-09-022] Adobe Coldfusion 8 Multiple Linked XSS Vulnerabilies
2009-08-17 00:00:00
Adobe Coldfusion crossite scripting
2009-08-17 00:00:00
cve
cve
CVE-2009-1872
2009-08-18 22:30:00
nuclei
nuclei
Adobe Coldfusion <=8.0.1 - Cross-Site Scripting
2021-07-21 06:05:30
cvelist
cvelist
CVE-2009-1872
2009-08-18 22:00:00
nessus
nessus
Adobe ColdFusion <= 8.0.1 _logintowizard.cfm XSS
2009-11-02 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.327 Low

EPSS

Percentile

97.1%

JSON
Related for NVD:CVE-2009-1872
prion1packetstorm1checkpoint_advisories1securityvulns2cve1nuclei1cvelist1nessus1