Coldfusion Server Security Vulnerabilities and Issues — Coldfusion Server CVE List

Lucene search

AllaireColdfusion Server

4 matches found

CVE•added 2000/02/04 5:0 a.m.•52 views

CVE-1999-0477

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.

7.5CVSS6.6AI score0.06853EPSS

CVE•added 2000/04/18 4:0 a.m.•51 views

CVE-2000-0057

Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information.

7.5CVSS6.5AI score0.0322EPSS

CVE•added 2000/02/04 5:0 a.m.•46 views

CVE-1999-0455

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

7.5CVSS6.6AI score0.09129EPSS

CVE•added 2001/03/12 5:0 a.m.•45 views

CVE-1999-0923

Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.

7.5CVSS7.3AI score0.00636EPSS