Page 9 of 50 results (0.017 seconds)

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags. Múltiples vulnerabilidades de subida de ficheros sin restricción en Adobe ColdFusion v8.0 a v9.0.1 permite a atacantes remotos inyectar cabeceras HTTP de su elección y llevar a cabo ataques de división de respuesta HTTP a través de etiquetas no especificadas. • http://secunia.com/advisories/43264 http://www.adobe.com/support/security/bulletins/apsb11-04.html http://www.securityfocus.com/bid/46281 http://www.securitytracker.com/id?1025036 http://www.vupen.com/english/advisories/2011/0334 https://exchange.xforce.ibmcloud.com/vulnerabilities/65276 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via the cfform tag. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe ColdFusion v8.0 a v9.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de la etiqueta cfform. • http://secunia.com/advisories/43264 http://www.adobe.com/support/security/bulletins/apsb11-04.html http://www.securityfocus.com/bid/46277 http://www.securitytracker.com/id?1025036 http://www.vupen.com/english/advisories/2011/0334 https://exchange.xforce.ibmcloud.com/vulnerabilities/65279 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en la consola del administrador en Adobe ColdFusion v8.0 a v9.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://secunia.com/advisories/43264 http://www.adobe.com/support/security/bulletins/apsb11-04.html http://www.securityfocus.com/bid/46273 http://www.securitytracker.com/id?1025036 http://www.vupen.com/english/advisories/2011/0334 https://exchange.xforce.ibmcloud.com/vulnerabilities/65277 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors. Vulnerabilidad de fijación de sesión en Adobe Coldfusión v8.0 a la 9.0.1, permite a atacantes remotos secuestrar sesiones web a través de vectores no especificados. • http://secunia.com/advisories/43264 http://www.adobe.com/support/security/bulletins/apsb11-04.html http://www.securityfocus.com/bid/46278 http://www.securitytracker.com/id?1025036 http://www.vupen.com/english/advisories/2011/0334 https://exchange.xforce.ibmcloud.com/vulnerabilities/65280 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en la consola del administrador en Adobe ColdFusion v8.0 a v9.0.1 permite a atacantes obtener información sensible a través de vectores desconocidos. • http://secunia.com/advisories/43264 http://www.adobe.com/support/security/bulletins/apsb11-04.html http://www.securityfocus.com/bid/46274 http://www.securitytracker.com/id?1025036 http://www.vupen.com/english/advisories/2011/0334 https://exchange.xforce.ibmcloud.com/vulnerabilities/65278 •