Page 2 of 13 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file. • http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. • http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full http://www.osvdb.org/3236 https://exchange.xforce.ibmcloud.com/vulnerabilities/1742 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. • http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full •

CVSS: 5.0EPSS: 2%CPEs: 10EXPL: 1

ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password. • https://www.exploit-db.com/exploits/19996 http://marc.info/?l=bugtraq&m=96045469627806&w=2 http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full http://www.osvdb.org/3399 http://www.securityfocus.com/bid/1314 https://exchange.xforce.ibmcloud.com/vulnerabilities/4611 •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0

ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. • http://www.securityfocus.com/bid/1021 •