Coldfusion@* Security Vulnerabilities and Issues — Coldfusion@* CVE List

Lucene search

AdobeColdfusion*

3 matches found

CVE•added 2013/09/20 4:55 p.m.•59 views

CVE-2010-5290

The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent attackers to obtain administrative privileges by leveraging read access to the configuration file, a different vul...

10CVSS9.1AI score0.94334EPSS

CVE•added 2013/11/13 1:55 a.m.•41 views

CVE-2013-5326

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related ...

3.5CVSS5.5AI score0.00493EPSS

CVE•added 2013/11/13 1:55 a.m.•39 views

CVE-2013-5328

Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors.

7.8CVSS6.9AI score0.00955EPSS