Shodan
Vulnerabilities
Vulnerable Software
Allaire:  >> Coldfusion Server  Security Vulnerabilities
CVE-2002-0576
ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message.
CVSS Score
5.0
EPSS Score
0.011
Published
2002-06-18
CVE-2001-1120
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
CVSS Score
6.4
EPSS Score
0.018
Published
2001-07-11
CVE-1999-0756
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-03-12
CVE-1999-0757
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
CVSS Score
2.1
EPSS Score
0.004
Published
2001-03-12
CVE-1999-0760
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
CVSS Score
10.0
EPSS Score
0.005
Published
2001-03-12
CVE-1999-0922
An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.
CVSS Score
5.0
EPSS Score
0.008
Published
2001-03-12
CVE-1999-0923
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
CVSS Score
7.5
EPSS Score
0.006
Published
2001-03-12
CVE-1999-0924
The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-03-12
CVE-2000-0538
ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
CVSS Score
5.0
EPSS Score
0.09
Published
2000-06-07
CVE-2000-0410
ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory.
CVSS Score
5.0
EPSS Score
0.008
Published
2000-05-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved