Adobe

Coldfusion

226 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 6.97%
  • Veröffentlicht 25.03.2020 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:31:45

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.

  • EPSS 4.01%
  • Veröffentlicht 19.12.2019 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:49:35

ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation.

  • EPSS 7.35%
  • Veröffentlicht 27.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:49:13

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

  • EPSS 8.25%
  • Veröffentlicht 27.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:49:14

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.

  • EPSS 18.86%
  • Veröffentlicht 27.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:49:14

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user.

  • EPSS 17.45%
  • Veröffentlicht 12.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:50

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

  • EPSS 44.1%
  • Veröffentlicht 12.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:50

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

  • EPSS 17.22%
  • Veröffentlicht 12.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:50

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

  • EPSS 25.7%
  • Veröffentlicht 24.05.2019 19:29:02
  • Zuletzt bearbeitet 21.11.2024 04:47:32

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

  • EPSS 2.39%
  • Veröffentlicht 24.05.2019 19:29:02
  • Zuletzt bearbeitet 21.11.2024 04:47:32

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. Successful exploitation could lead to information disclosure .