Adobe » Coldfusion : Security Vulnerabilities, CVEs, (File inclusion)

CVE-2020-9673

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
7.8
EPSS Score
0.09%
Published
2020-07-17
Updated
2020-09-04

CVE-2020-9672

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
7.8
EPSS Score
0.09%
Published
2020-07-17
Updated
2020-09-04

CVE-2020-3794

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.
Max CVSS
10.0
EPSS Score
0.82%
Published
2020-03-25
Updated
2021-07-21

CVE-2020-3768

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
7.8
EPSS Score
0.09%
Published
2020-06-26
Updated
2020-09-04
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close