Lucene search
K

1809 matches found

EUVD
EUVD
added yesterday3 views

EUVD-2026-44553

ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.1CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44550

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44547

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.1CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44545

ColdFusion is affected by an Improper Control of Generation of Code 'Code Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44544

ColdFusion is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44542

ColdFusion is affected by a Missing Authentication for Critical Function vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.3CVSS6.5AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2 days ago6 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.2AI score0.00663EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2 days ago8 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.2AI score0.00663EPSS
Exploits0References9
CISA KEV Catalog
CISA KEV Catalog
added 2026/07/07 12:0 a.m.27 views

Adobe ColdFusion Path Traversal Vulnerability

Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user...

10CVSS7.9AI score0.28583EPSS
In wildExploits3
RedHat Linux
RedHat Linux
added 2026/07/06 6:17 p.m.6 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References9
CVE
CVE
added 2026/07/06 4:13 p.m.193 views

CVE-2026-48316

CVE-2026-48316 affects Adobe ColdFusion versions 2025.9, 2023.20 and earlier and is an Improper Input Validation vulnerability that could enable arbitrary code execution in the current user context without user interaction. Remediation: update to ColdFusion 2023 Update 21 or ColdFusion 2025 Updat...

10CVSS7.9AI score0.01396EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/06 4:13 p.m.5 views

EUVD-2026-41890

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS7.9AI score0.01396EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/06 3:59 p.m.8 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/07/06 3:55 p.m.4 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/07/06 3:49 p.m.5 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/07/06 3:46 p.m.5 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/07/06 3:42 p.m.5 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References9
NVD
NVD
added 2026/07/01 5:16 p.m.11 views

CVE-2026-34099

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in jobinfo.php line 16: SELECT FROM jobs where id = '".$GET'id'."'. No authentication is required. An unauthenticated attacker can perform error-based SQL injection to extract the database version, current...

9.8CVSS0.00459EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:8 p.m.8 views

EUVD-2026-41056

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in jobinfo.php line 16: SELECT FROM jobs where id = '".$GET'id'."'. No authentication is required. An unauthenticated attacker can perform error-based SQL injection to extract the database version, current...

9.8CVSS5.8AI score0.00459EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.13 views

PT-2026-54735

Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated attacker can perform error-based SQL injection by sending crafted values to the id parameter via a GET request to the 'job info.php' endpoint. The issue...

9.8CVSS5.8AI score0.00459EPSS
Exploits0References6
Rows per page
Query Builder