Vulnerabilities > Adobe > Coldfusion > 8.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-18 | CVE-2009-1878 | Improper Authentication vulnerability in Adobe Coldfusion Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors. | 5.8 |
| 2009-08-18 | CVE-2009-1877 | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875. | 4.3 |
| 2009-08-18 | CVE-2009-1876 | Unspecified vulnerability in Adobe Coldfusion Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability." | 5.0 |
| 2009-08-18 | CVE-2009-1875 | Cross-Site Scripting vulnerability in Adobe Coldfusion Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877. | 4.3 |
| 2009-08-18 | CVE-2009-1872 | Cross-Site Scripting vulnerability in Adobe Coldfusion Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm. | 4.3 |
| 2008-11-10 | CVE-2008-4831 | Permissions, Privileges, and Access Controls vulnerability in Adobe Coldfusion 7.2/8.0/8.0.1 Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusion MX 7.0.2 allows local users to bypass sandbox restrictions, and obtain sensitive information or possibly gain privileges, via unknown vectors. | 7.2 |