EUVD-2004-2196

Malware in sbrugna...

EUVD-2020-7901

Malware in sbrugna...

CVE-1999-0757

The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates...

Lucee Remote Code Execution Vulnerability

The Lucee Server Lucee is a dynamic, java-based markup and scripting language used for rapid web application development. Lucee suffers from a remote code execution vulnerability that can be exploited to execute system commands by accepting the name of a cookie as one of its parameters and passin...

TestBox CFML Test Framework 4.1.0 Directory Traversal

Title: TestBox CFML Test Framework 4.1.0 - Directory Traversal Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.3.0 through to 4.1.0 Tested on: Adob...

TestBox CFML Test Framework 4.1.0 - Directory Traversal

Title: TestBox CFML Test Framework 4.1.0 - Directory Traversal Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.3.0 through to 4.1.0 Tested on: Adob...

TestBox CFML Test Framework 4.1.0 Arbitrary File Write / Code Execution

Title: TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.4.0 throu...

TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution

Title: TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.4.0 throu...

Cross site scripting

Cross-site scripting XSS vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to inject arbitrary web script or HTML via the filename in a request to a 1 .cfm or 2 .cfml file, which reflects the result in the default error page...

BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS)

The remote host is running BlueDragon Server / Server JX, Java-based servers for stand-alone deployment of CFML ColdFusion Markup Language pages. The version of BlueDragon Server / Server JX installed on the remote host fails to sanitize user-supplied input passed as part of the filename before...

CVE-2004-2204

Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT...

CVE-1999-0760

Technical details about CVE-1999-0760 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor pages to obtain affected products, impact, and remediation information.

CVE-1999-0760

Undocumented ColdFusion Markup Language CFML tags and functions in the ColdFusion Administrator allow users to gain additional privileges...

Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Decrypt Pages

Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Decrypt Pages / source: https://www.securityfocus.com/bid/275/info A vulnerability in ColdFusion allows pages encrypted with the CFCRYPT.EXE utility to be decrypted. ColdFusion supports the ability to "encrypt" the CFML templates in an application or...