Vulnerabilities > Adobe > Coldfusion > 7.2

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-44352 Unspecified vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
6.1
6.1
2023-09-07 CVE-2021-40698 Unspecified vulnerability in Adobe Coldfusion
ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??.
network
low complexity
adobe
7.4
7.4
2023-09-07 CVE-2021-40699 Unspecified vulnerability in Adobe Coldfusion
ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path.
network
low complexity
adobe
7.4
7.4
2022-05-12 CVE-2022-28818 Unspecified vulnerability in Adobe Coldfusion
ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
6.1
6.1
2010-08-11 CVE-2010-2861 Path Traversal vulnerability in Adobe Coldfusion
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
network
low complexity
adobe CWE-22
critical
 9.8
9.8