Vulnerabilities > Allaire
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-06-18 | CVE-2002-0576 | Information Disclosure vulnerability in Allaire Coldfusion Server 4.0/4.5/5.0 ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message. | 5.0 |
| 2002-03-25 | CVE-2002-0108 | Unspecified vulnerability in Allaire Forums Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address. | 7.5 |
| 2001-07-11 | CVE-2001-1120 | Unspecified vulnerability in Allaire Coldfusion Server Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | 6.4 |
| 2001-03-12 | CVE-1999-0924 | Unspecified vulnerability in Allaire Coldfusion Server 4.0 The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. | 5.0 |
| 2001-03-12 | CVE-1999-0923 | Unspecified vulnerability in Allaire Coldfusion Server 4.0 Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. | 7.5 |
| 2001-03-12 | CVE-1999-0922 | Unspecified vulnerability in Allaire Coldfusion Server 4.0 An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file. | 5.0 |
| 2001-03-12 | CVE-1999-0800 | Unspecified vulnerability in Allaire Forums The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. | 5.0 |
| 2001-03-12 | CVE-1999-0760 | Unspecified vulnerability in Allaire Coldfusion Server Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. | 10.0 |
| 2001-03-12 | CVE-1999-0757 | Unspecified vulnerability in Allaire Coldfusion Server The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | 2.1 |
| 2001-03-12 | CVE-1999-0756 | Unspecified vulnerability in Allaire Coldfusion Server 4.0/4.0.1 ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. | 5.0 |