CVSS: 4.3EPSS: 92%CPEs: 4EXPL: 1CVE-2013-0629 – Adobe ColdFusion Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2013-0629
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013. Adobe ColdFusion v9.0, v9.0.1, v9.0.2 y v10, cuando una contraseña no está configurada, permite a los atacantes acceder a directorios restringidos a través de vectores no especificados, como se explotó en enero de 2013. Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories. • https://www.exploit-db.com/exploits/24946 http://www.adobe.com/support/security/advisories/apsa13-01.html http://www.adobe.com/support/security/bulletins/apsb13-03.html http://www.securityfocus.com/bid/57165 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 82%CPEs: 3EXPL: 0CVE-2013-0631 – Adobe ColdFusion Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2013-0631
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013. Adobe ColdFusion v9.0, v9.0.1, y v9.0.2 permite a los atacantes obtener información sensible a través de vectores no especificados, como se explotó en enero de 2013. Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server. • http://www.adobe.com/support/security/advisories/apsa13-01.html http://www.adobe.com/support/security/bulletins/apsb13-03.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5675
https://notcve.org/view.php?id=CVE-2012-5675
Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. Adobe ColdFusion v9.0 hasta v9.0.2 y v10 permite a usuarios locales evitar permisos de entorno de ejecución seguros en alojamiento compartido a través de vectores no especificados • http://www.adobe.com/support/security/bulletins/apsb12-26.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5674
https://notcve.org/view.php?id=CVE-2012-5674
Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows attackers to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en Adobe ColdFusion v10 antes de Update 5, cuando los Servicios de Internet Information Server (IIS) se utilizan, permite a atacantes provocar una denegación de servicio a través de vectores desconocidos. • http://osvdb.org/87555 http://www.adobe.com/support/security/bulletins/apsb12-25.html https://exchange.xforce.ibmcloud.com/vulnerabilities/80139 •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2012-2048
https://notcve.org/view.php?id=CVE-2012-2048
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en Adobe ColdFusion 10 y anteriores permite a atacantes provocar una denegación de servicio a través de vectores desconocidos. • http://osvdb.org/85317 http://secunia.com/advisories/50523 http://www.adobe.com/support/security/bulletins/apsb12-21.html http://www.securitytracker.com/id?1027516 https://exchange.xforce.ibmcloud.com/vulnerabilities/78410 •