IDCVSSSummaryLast (major) updatePublished
CVE-2014-5315 4.3
Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
08-09-2017 - 01:29 26-09-2014 - 10:55
CVE-2011-0733 4.3
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.
08-11-2011 - 04:18 01-02-2011 - 18:00
CVE-2010-1294 2.1
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors. Per: http://www.adobe.com/support/security/bulletins/apsb10-11.html 'Affected software versions ColdFusion
14-05-2010 - 04:00 13-05-2010 - 17:30
CVE-2012-2048 5.0
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors.
29-08-2017 - 01:31 12-09-2012 - 10:38
CVE-2009-1872 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query s
10-10-2018 - 19:38 18-08-2009 - 22:30
CVE-2009-1875 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877.
26-08-2009 - 05:24 18-08-2009 - 22:30
CVE-2009-3467 4.3
Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Per: http://www.adobe.com/support/security/bulletins/apsb10-
14-05-2010 - 04:00 13-05-2010 - 17:30
CVE-2009-1877 4.3
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.
26-08-2009 - 05:24 18-08-2009 - 22:30
CVE-2010-2861 7.5
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/sett
24-09-2013 - 03:39 11-08-2010 - 18:47
CVE-2010-1293 4.3
Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Per: http://www.adobe.com/support/security/bulletins/ap
14-05-2010 - 04:00 13-05-2010 - 17:30
CVE-2009-1878 5.8
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
26-08-2009 - 04:00 18-08-2009 - 22:30
CVE-2009-1876 5.0
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
26-08-2009 - 05:24 18-08-2009 - 22:30
CVE-2010-5290 10.0
The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent attackers to obtain administrative privileges by leveraging read
29-08-2017 - 01:29 20-09-2013 - 16:55
Back to Top Mark selected
Back to Top