Lucene search
K

4 matches found

EUVD
EUVD
added 2026/04/15 12:31 a.m.5 views

EUVD-2026-22730

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS6.3AI score0.04047EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/14 9:53 p.m.2 views

CVE-2026-34619 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access unauthorized files or directories...

7.7CVSS6AI score0.08507EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 9:53 p.m.10 views

CVE-2026-27307

CVE-2026-27307 affects Adobe ColdFusion 2023.18, 2025.6 and earlier, with an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. The issue can be exploited by a high-privilege attacker without user interaction and has a low CVSS base score per the pro...

2.4CVSS5.8AI score0.02912EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/16 2:11 a.m.5 views

WordPress Advanced iFrame plugin <= 2025.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Advanced iFrame versions = 2025.6...

5.4CVSS5.5AI score0.00222EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder