Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Macromedia ColdFusion MX 6.1 Template Handling Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11316/info Reportedly Macromedia ColdFusion MX is affected by privilege escalation vulnerability when handling templates. This issue is due to an access validation error that allows a user to perform actions with...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Macromedia ColdFusion MX 6.0 SQL Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8840/info It has been reported that Macromedia ColdFusion MX may be prone to a cross-site scripting vulnerability due to improper handling of error messages generated by the underlying database. This problem may be...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/05/12 12:0 a.m.45 views

Macromedia ColdFusion MX application server crossite scripting

Crossite scripting with error pages...

2.2AI score
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.23 views

Macromedia ColdFusion MX Path Disclosure Vulnerability

A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests port 8500 are received by the server, an error message is returned containing the full path of the ColdFusion installation. OpenVAS...

5CVSS0.06722EPSS
Exploits1
CVE
CVE
added 2005/06/21 4:0 a.m.79 views

CVE-2002-1700

CVE-2002-1700 describes a cross-site scripting (XSS) flaw in the missing template handler of Macromedia ColdFusion MX. The vulnerability arises because the HTTP request parameter for the template name is not filtered, allowing an attacker to inject script that is echoed in a 404 error message and...

4.3CVSS6.4AI score0.24274EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2005/04/21 4:0 a.m.25 views

CVE-2004-0928

The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm"...

6.7AI score0.04075EPSS
Exploits0References9
NVD
NVD
added 2002/12/31 5:0 a.m.25 views

CVE-2002-1700

Cross-site scripting vulnerability XSS in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message...

4.3CVSS6.5AI score0.24274EPSS
Exploits0References4
Rows per page
Query Builder