Vulnerabilities > Adobe > Coldfusion > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-11-13 | CVE-2013-5326 | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the logviewer directory. | 3.5 |
2010-05-13 | CVE-2010-1294 | Information Exposure vulnerability in Adobe Coldfusion Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors. | 2.1 |
2006-12-12 | CVE-2006-6483 | Cross-Site Scripting vulnerability in ColdFusion MX Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag. | 2.6 |
2006-09-14 | CVE-2006-4726 | Cross-Site Scripting vulnerability in Adobe ColdFusion Error Page Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page. | 2.6 |