Vulnerabilities > Allaire > Coldfusion Server > 4.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-06-18 | CVE-2002-0576 | Information Disclosure vulnerability in Allaire Coldfusion Server 4.0/4.5/5.0 ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message. | 5.0 |
2001-07-11 | CVE-2001-1120 | Unspecified vulnerability in Allaire Coldfusion Server Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | 6.4 |
2000-06-07 | CVE-2000-0538 | Unspecified vulnerability in Allaire Coldfusion Server ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password. | 5.0 |
2000-03-01 | CVE-2000-0189 | Unspecified vulnerability in Allaire Coldfusion Server 4.0/4.0.1/4.5 ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. | 5.0 |