Page 2 of 15 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. • http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full http://www.osvdb.org/3236 https://exchange.xforce.ibmcloud.com/vulnerabilities/1742 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1

The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. • https://www.exploit-db.com/exploits/19220 http://www.allaire.com/handlers/index.cfm?ID=10969&Method=Full https://exchange.xforce.ibmcloud.com/vulnerabilities/2208 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. • http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full •

CVSS: 5.0EPSS: 2%CPEs: 10EXPL: 1

ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password. • https://www.exploit-db.com/exploits/19996 http://marc.info/?l=bugtraq&m=96045469627806&w=2 http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full http://www.osvdb.org/3399 http://www.securityfocus.com/bid/1314 https://exchange.xforce.ibmcloud.com/vulnerabilities/4611 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. • http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0005&L=ntbugtraq&F=&S=&P=4843 http://www.securityfocus.com/bid/1192 •