Page 7 of 52 results (0.013 seconds)

CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure. Adobe ColdFusion Update 5 y anteriores y ColdFusion 11 Update 13 y anteriores tienen una vulnerabilidad explotable de procesamiento inseguro de entidades externas XML. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/103718 https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure. Adobe ColdFusion Update 5 y anteriores y ColdFusion 11 Update 13 y anteriores tienen una vulnerabilidad explotable de Cross-Site Scripting (XSS). Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/103718 https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure. Adobe ColdFusion Update 5 y anteriores y ColdFusion 11 Update 13 y anteriores tienen una vulnerabilidad explotable de Cross-Site Scripting (XSS). Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/103718 https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. Adobe ColdFusion tiene una vulnerabilidad de inyección de XEE (XML External Entity). Esto afecta al Update 4 y a versiones anteriores para ColdFusion 2016 y al Update 12 y versiones anteriores para ColdFusion 11. • http://www.securityfocus.com/bid/100715 http://www.securitytracker.com/id/1039321 https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 9.8EPSS: 51%CPEs: 18EXPL: 0

Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. Adobe ColdFusion tiene una vulnerabilidad de deserialización de datos no fiables. Esto afecta al Update 4 y a versiones anteriores para ColdFusion 2016 y al Update 12 y versiones anteriores para ColdFusion 11. • http://www.securityfocus.com/bid/100708 http://www.securitytracker.com/id/1039321 https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html • CWE-502: Deserialization of Untrusted Data •