Coldfusion Security Vulnerabilities and Issues — Coldfusion CVE List

Lucene search

AdobeColdfusion

4 matches found

CVE•added 2013/01/17 12:55 a.m.•1059 views

CVE-2013-0632

administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploit...

10CVSS8.1AI score0.92524EPSS

CVE•added 2013/01/09 1:55 a.m.•1023 views

CVE-2013-0629

Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.

7.5CVSS9.3AI score0.80964EPSS

CVE•added 2013/01/09 1:55 a.m.•950 views

CVE-2013-0631

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013.

7.5CVSS8.9AI score0.78752EPSS

CVE•added 2013/01/09 1:55 a.m.•948 views

CVE-2013-0625

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.

9.8CVSS9.8AI score0.8656EPSS