4 matches found
CVE-2013-0631
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Cross site scripting
Cross-site scripting XSS vulnerability in Remote Development Services RDS in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-0736
Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. NOTE: the vendor disputes the significance of this issue because the...
Adobe ColdFusion Directory Traversal Vulnerability (APSB10-18)
Adobe ColdFusion is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...