Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Allaire ColdFusion Server <= 4.0 - Remote File Display, Deletion, Upload and Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/115/info To display and delete any file on the system use an URL of the following form: http://www.victim.test/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=C:\the\target\file To upload files to the sever first find out the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.52 views

ColdFusion Server 2.0/3.x/4.x Administrator Login Password DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1314/info Due to a faulty mechanism in the password parsing implementation in authentication requests, it is possible to launch a denial of service attack against Allaire ColdFusion 4.5.1 or previous by inputting a string...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/07/16 12:0 a.m.65 views

Allaire ColdFusion 4.0x CFCACHE功能泄露信息漏洞

BUGTRAQ ID: 917 CVECAN ID: CVE-2000-0057 Allaire ColdFusion是一个用来增强Web交互功能的组件。 ColdFusion 4.x包含一个叫做CFCACHE的功能,它通过储存HTML处理CFM页的输出来提高服务器的性能。 当CFCACHE标签处理CFM页面时,它创建一些临时文件,其中一些文件是.tmp文件,其中包含了当前的HTML输出。同时它也创建一个名为cfcache.map的文件,其中包含了到.tmp文件的指针,内容有绝对路径、时间信息和其他URL信息。这些信息如果暴露出来可以造成潜在的危害。...

7.5CVSS6.4AI score0.05547EPSS
Exploits1
CERT
CERT
added 2001/07/30 12:0 a.m.23 views

Allaire ColdFusion Server contains vulnerability allowing unauthorized user read/delete access to files

Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to have unauthorized read and delete access to files on the target host. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to have unauthorize...

6.4CVSS6.1AI score0.01926EPSS
Exploits0References2
Rows per page
Query Builder