Adobe » Coldfusion : Security Vulnerabilities, CVEs, (File inclusion)
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
7.8
EPSS Score
0.09%
Published
2020-07-17
Updated
2020-09-04
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
7.8
EPSS Score
0.09%
Published
2020-07-17
Updated
2020-09-04
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.
Max CVSS
10.0
EPSS Score
0.82%
Published
2020-03-25
Updated
2021-07-21
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
7.8
EPSS Score
0.09%
Published
2020-06-26
Updated
2020-09-04
4 vulnerabilities found