Vulnerabilities > Adobe > Coldfusion > Low

DATE CVE VULNERABILITY TITLE RISK
2013-11-13 CVE-2013-5326 Cross-Site Scripting vulnerability in Adobe Coldfusion
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the logviewer directory.
network
adobe CWE-79
3.5
3.5
2010-05-13 CVE-2010-1294 Information Exposure vulnerability in Adobe Coldfusion
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors.
local
low complexity
adobe CWE-200
2.1
2.1
2006-12-12 CVE-2006-6483 Cross-Site Scripting vulnerability in ColdFusion MX
Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag.
network
high complexity
adobe
2.6
2.6
2006-09-14 CVE-2006-4726 Cross-Site Scripting vulnerability in Adobe ColdFusion Error Page
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page.
network
high complexity
adobe
2.6
2.6