Coldfusion Security Vulnerabilities and Issues — Coldfusion CVE List

Lucene search

MacromediaColdfusion

2 matches found

CVE•added 2006/05/15 4:6 p.m.•38 views

CVE-2006-2364

Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is not sanitized before being presented in an ...

5.8CVSS5.7AI score0.00248EPSS

CVE•added 2006/08/09 10:4 a.m.•35 views

CVE-2006-3979

The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator.

7.2CVSS7.3AI score0.0002EPSS