CVE-2015-8052
https://notcve.org/view.php?id=CVE-2015-8052
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053. Vulnerabilidad de XSS en Adobe ColdFusion 10 en versiones anteriores a Update 18 y 11 en versiones anteriores a Update 7 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-8053. • http://www.securityfocus.com/bid/77625 http://www.securitytracker.com/id/1034211 https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-8053
https://notcve.org/view.php?id=CVE-2015-8053
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8052. Vulnerabilidad de XSS en Adobe ColdFusion 10 en versiones anteriores a Update 18 y 11 en versiones anteriores a Update 7 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-8052. • http://www.securityfocus.com/bid/77625 http://www.securitytracker.com/id/1034211 https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-0345
https://notcve.org/view.php?id=CVE-2015-0345
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Update 5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe ColdFusion 10 anterior a Update 16 y 11 anterior a Update 5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securitytracker.com/id/1032106 https://helpx.adobe.com/security/products/coldfusion/apsb15-07.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-9166
https://notcve.org/view.php?id=CVE-2014-9166
Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows attackers to cause a denial of service (resource consumption) via unspecified vectors. Adobe ColdFusion 10 anterior a Update 15 y 11 anterior a Update 3 permite a atacantes causar una denegación de servicio (consumo de recursos) a través de vectores no especificados. • http://helpx.adobe.com/security/products/coldfusion/apsb14-29.html •
CVE-2014-0570
https://notcve.org/view.php?id=CVE-2014-0570
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en Adobe ColdFusion 9.0 anterior a Update 13, 9.0.1 anterior a Update 12, 9.0.2 anterior a Update 7, 10 anterior a Update 14, y 11 anterior a Update 2 permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos. • http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html http://www.securitytracker.com/id/1031020 • CWE-352: Cross-Site Request Forgery (CSRF) •