Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:adobe:coldfusion:7.2:unknown:mx:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-1294 |
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors. Published: May 13, 2010; 1:30:02 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2010-1293 |
Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: May 13, 2010; 1:30:02 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-3467 |
Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Published: May 13, 2010; 1:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1878 |
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors. Published: August 18, 2009; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2009-1877 |
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875. Published: August 18, 2009; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1876 |
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability." Published: August 18, 2009; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-1875 |
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877. Published: August 18, 2009; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1872 |
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm. Published: August 18, 2009; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-4831 |
Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusion MX 7.0.2 allows local users to bypass sandbox restrictions, and obtain sensitive information or possibly gain privileges, via unknown vectors. Published: November 10, 2008; 9:12:55 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |