Adobe

Coldfusion

208 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2011-0584

  • EPSS 2.2%
  • Veröffentlicht 10.02.2011 16:00:33
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors.

4.3

CVE-2011-0580

  • EPSS 1.63%
  • Veröffentlicht 10.02.2011 16:00:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2011-0581

  • EPSS 2.39%
  • Veröffentlicht 10.02.2011 16:00:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags.

5

CVE-2011-0582

  • EPSS 3.08%
  • Veröffentlicht 10.02.2011 16:00:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows attackers to obtain sensitive information via unknown vectors.

5

CVE-2011-0737

Exploit
  • EPSS 0.89%
  • Veröffentlicht 01.02.2011 18:00:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the vendor disputes the significance of this issue becau...

4.3

CVE-2011-0733

Exploit
  • EPSS 1.69%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.

4.3

CVE-2011-0734

Exploit
  • EPSS 1.69%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body"...

4.3

CVE-2011-0735

Exploit
  • EPSS 0.94%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script."

4.3

CVE-2011-0736

Exploit
  • EPSS 0.82%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. NOTE: the vendor disputes...

9.8

CVE-2010-2861

Warnung Exploit
  • EPSS 94.15%
  • Veröffentlicht 11.08.2010 18:47:51
  • Zuletzt bearbeitet 21.04.2026 21:13:05

Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/sett...