22 matches found
EUVD-2017-2919
Malware in sbrugna...
EUVD-2017-2920
Malware in sbrugna...
ColdFusion verifyldapserver vulnerability
Added: 03/07/2022 Background Adobe ColdFusion is a web application development platform written in Java. Problem The verifyldapserver method in utils.cfc allows a remote attacker to cause the server to download a Java class from an arbitrary LDAP server, leading to remote code execution. Resoluti...
Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution (RCE)
Exploit Title: Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution RCE Google Dork: intext:"adobe coldfusion 11" Date: 2022-22-02 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html...
Adobe ColdFusion 11 Remote Code Execution
Exploit Title: Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution RCE Google Dork: intext:"adobe coldfusion 11" Date: 2022-22-02 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html...
Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2018-10345)
Adobe ColdFusion is the United States of America Audobee Adobe a dynamic Web server products, which runs the CFML ColdFusion Markup Language is a programming language for Web applications. A cross-site scripting vulnerability exists in Adobe ColdFusion released in 2016 Update 5 and earlier versio...
Deserialization of untrusted data
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution...
Xxe
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure...
CVE-2018-4938
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation...
Adobe ColdFusion Multiple Vulnerabilities (APSB18-14)
Adobe ColdFusion is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:coldfusion";...
Deserialization of untrusted data
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11285
Adobe ColdFusion has a cross-site scripting XSS vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11286
Adobe ColdFusion has an XML external entity XXE injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11284
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11286
Adobe ColdFusion has an XML external entity XXE injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11283
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11283
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11286
Adobe ColdFusion has an XML external entity XXE injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
CVE-2017-11284
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...
U.S. Dept Of Defense: Exposed ███████ Administrative Interface (ColdFusion 11)
Summary: The "/██████████/administrator/" directory is accessible to the public and allows an attacker to further enumerate the system and/or perform brute force attacks. Description: The ████████ website has an exposed "Administrative Interface" for ColdFusion 11, which could be useful to an...