Allaire: >> Coldfusion Server >> 3.0 Security Vulnerabilities
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
CVSS Score
6.4
EPSS Score
0.018
Published
2001-07-11
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
CVSS Score
10.0
EPSS Score
0.005
Published
2001-03-12
ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
CVSS Score
5.0
EPSS Score
0.09
Published
2000-06-07
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
CVSS Score
7.5
EPSS Score
0.069
Published
1999-12-25