Lucene search
K

4 matches found

CVE
CVE
added 2005/08/05 4:0 a.m.55 views

CVE-2005-2481

CVE-2005-2481 affects ColdFusion Fusebox 4.1.0. The issue is that a malformed or invalid fuseaction parameter allows remote attackers to cause an error message that leaks the full server path. Documents confirm the affected product and the nature of the information disclosure, but do not provide ...

5CVSS6.6AI score0.01194EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2005/08/05 4:0 a.m.17 views

CVE-2005-2480

Cross-site scripting XSS vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm...

4.3CVSS5.7AI score0.03613EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/08/05 4:0 a.m.20 views

CVE-2005-2481

ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" question mark character...

6.2AI score0.01194EPSS
Exploits0References1
CVE
CVE
added 2005/08/05 4:0 a.m.65 views

CVE-2005-2480

The CVE-2005-2480 entry concerns Fusebox running on ColdFusion (Fusebox 4.1.0). The vulnerability is a cross-site scripting (XSS) flaw where the fuseaction parameter is not quoted in an error page, enabling an attacker to inject arbitrary script/HTML (demonstrated via index.cfm). Connected docume...

4.3CVSS5.7AI score0.03613EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder