Adobe

Coldfusion

208 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2010-1293

  • EPSS 0.82%
  • Veröffentlicht 13.05.2010 17:30:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2.1

CVE-2010-1294

  • EPSS 0.15%
  • Veröffentlicht 13.05.2010 17:30:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors.

4.3

CVE-2009-3467

  • EPSS 0.82%
  • Veröffentlicht 13.05.2010 17:30:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

6.5

CVE-2009-3960

Warnung Exploit
  • EPSS 90.43%
  • Veröffentlicht 15.02.2010 18:30:00
  • Zuletzt bearbeitet 21.04.2026 21:12:29

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain se...

5

CVE-2010-0185

  • EPSS 1.65%
  • Veröffentlicht 03.02.2010 18:30:00
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote attackers to obtain collection metadata, search information, and index data via a request to an ...

4.3

CVE-2009-1872

Exploit
  • EPSS 8.9%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query s...

4.3

CVE-2009-1875

  • EPSS 0.67%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877.

5

CVE-2009-1876

  • EPSS 1.48%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."

4.3

CVE-2009-1877

  • EPSS 0.67%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.

5.8

CVE-2009-1878

  • EPSS 0.28%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.