Adobe

Coldfusion

226 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.57%
  • Veröffentlicht 10.02.2011 16:00:32
  • Zuletzt bearbeitet 16.06.2026 23:27:41

Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags.

  • EPSS 3.81%
  • Veröffentlicht 10.02.2011 16:00:32
  • Zuletzt bearbeitet 16.06.2026 23:27:41

Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows attackers to obtain sensitive information via unknown vectors.

Exploit
  • EPSS 2.78%
  • Veröffentlicht 01.02.2011 18:00:04
  • Zuletzt bearbeitet 16.06.2026 23:27:58

Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the vendor disputes the significance of this issue becau...

Exploit
  • EPSS 4.09%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 16.06.2026 23:27:58

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.

Exploit
  • EPSS 4.09%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 16.06.2026 23:27:58

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body"...

Exploit
  • EPSS 2.62%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 16.06.2026 23:27:58

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script."

Exploit
  • EPSS 2.72%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 16.06.2026 23:27:58

Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. NOTE: the vendor disputes...

Warnung Exploit
  • EPSS 99.72%
  • Veröffentlicht 11.08.2010 18:47:51
  • Zuletzt bearbeitet 16.06.2026 23:21:38

Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/sett...

  • EPSS 2.41%
  • Veröffentlicht 13.05.2010 17:30:02
  • Zuletzt bearbeitet 16.06.2026 23:18:02

Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • EPSS 0.85%
  • Veröffentlicht 13.05.2010 17:30:02
  • Zuletzt bearbeitet 16.06.2026 23:18:02

Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors.