CVE-2011-0581
- EPSS 2.57%
- Veröffentlicht 10.02.2011 16:00:32
- Zuletzt bearbeitet 16.06.2026 23:27:41
Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags.
- EPSS 3.81%
- Veröffentlicht 10.02.2011 16:00:32
- Zuletzt bearbeitet 16.06.2026 23:27:41
Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows attackers to obtain sensitive information via unknown vectors.
- EPSS 2.78%
- Veröffentlicht 01.02.2011 18:00:04
- Zuletzt bearbeitet 16.06.2026 23:27:58
Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the vendor disputes the significance of this issue becau...
CVE-2011-0733
- EPSS 4.09%
- Veröffentlicht 01.02.2011 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:58
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.
CVE-2011-0734
- EPSS 4.09%
- Veröffentlicht 01.02.2011 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:58
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body"...
CVE-2011-0735
- EPSS 2.62%
- Veröffentlicht 01.02.2011 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:58
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script."
CVE-2011-0736
- EPSS 2.72%
- Veröffentlicht 01.02.2011 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:58
Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. NOTE: the vendor disputes...
CVE-2010-2861
- EPSS 99.72%
- Veröffentlicht 11.08.2010 18:47:51
- Zuletzt bearbeitet 16.06.2026 23:21:38
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/sett...
CVE-2010-1293
- EPSS 2.41%
- Veröffentlicht 13.05.2010 17:30:02
- Zuletzt bearbeitet 16.06.2026 23:18:02
Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-1294
- EPSS 0.85%
- Veröffentlicht 13.05.2010 17:30:02
- Zuletzt bearbeitet 16.06.2026 23:18:02
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors.