Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Adobe Subscribe
Filtered by product Coldfusion
Total 128 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5859 1 Adobe 1 Coldfusion 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote attackers to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm.
CVE-2010-1294 1 Adobe 1 Coldfusion 2010-05-13 2.1 LOW N/A
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors.
CVE-2009-3467 1 Adobe 1 Coldfusion 2010-05-13 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2010-1293 1 Adobe 1 Coldfusion 2010-05-13 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1876 1 Adobe 1 Coldfusion 2009-08-25 5.0 MEDIUM N/A
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
CVE-2009-1875 1 Adobe 1 Coldfusion 2009-08-25 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877.
CVE-2009-1877 1 Adobe 1 Coldfusion 2009-08-25 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.
CVE-2009-1878 1 Adobe 1 Coldfusion 2009-08-25 5.8 MEDIUM N/A
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.