Download
| Alert*
|
oval:org.secpod.oval:def:1275
The host is installed with Adobe ColdFusion and is prone to cross-site request forgery (CSRF) vulnerability. A flaw is present in the application which fails to properly handle unauthorized actions. Successful exploitation allows remote attacker to hijack the authentication oval:org.secpod.oval:def:1274 The host is installed with Adobe ColdFusion and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle specially crafted data. Successful exploitation allows remote attacker to cause denial of service conditions. oval:org.secpod.oval:def:9415 The host is installed with Adobe ColdFusion 9.0, 9.0.1 or 9.0.2 and is prone to remote authentication bypass vulnerability. A flaw is present in the application due to improper password configuration. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9459 The host is missing an important security update according to Adobe security bulletin, APSB12-06. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows re ... oval:org.secpod.oval:def:9416 The host is missing an important security update according to Adobe security bulletin, APSB13-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to execute a ... oval:org.secpod.oval:def:9417 The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to cross-site scripting vulnerability. A flaw is present in the application due to an error in a method. Successful exploitation allows remote attackers to inject arbitrary web script or HTML via unknown vectors. oval:org.secpod.oval:def:9418 The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to cross-site scripting vulnerability. A flaw is present in the application due to an error in the Administrator page. Successful exploitation allows remote attackers to inject arbitrary web script or HTML via unknown vectors ... oval:org.secpod.oval:def:9455 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary we ... oval:org.secpod.oval:def:9412 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to remote authentication bypass vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9456 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the RDS components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web scrip ... oval:org.secpod.oval:def:9413 The host is installed with Adobe ColdFusion 9.0, 9.0.1 or 9.0.2 and is prone to information disclosure vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to gain sensitive information via unspecified vectors. oval:org.secpod.oval:def:9457 The host is missing an important security update according to Adobe security bulletin, APSB11-29. The update is required to fix multiple cross-site scripting vulnerabilities. The flaws are present in the RDS and cfform tag components in the application, which fails to properly handle the vectors. Su ... oval:org.secpod.oval:def:9414 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to unauthorized access vulnerability. A flaw is present due to improper password configuration. Successful exploitation allows remote attackers to access restricted directories via unspecified vectors. oval:org.secpod.oval:def:9458 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:9419 The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to information disclosure vulnerability. A flaw is present in the application due to affected module. Successful exploitation allows remote attackers to obtain sensitive information via unspecified vectors. oval:org.secpod.oval:def:9451 The host is installed with Adobe ColdFusion 9.0 and is prone to information disclosure vulnerability. A flaw is present in the collections created by the Solr Service. Successful exploitation allows remote attackers to obtain collection metadata, search information, and index data via a request to a ... oval:org.secpod.oval:def:9452 The host is missing an important security update according to Adobe security bulletin, APSB10-04. The update is required to fix multiple vulnerabilities. A flaw is present in the collections created by the Solr Service. Successful exploitation allows remote attackers to obtain collection metadata, s ... oval:org.secpod.oval:def:9453 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to Multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepacka ... oval:org.secpod.oval:def:9454 The host is missing an important security update according to Adobe security bulletin, APSB10-18. The update is required to fix multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/s ... oval:org.secpod.oval:def:9450 The host is missing an important security update according to Adobe security bulletin, APSB10-11. The update is required to fix multiple vulnerabilities. The flaws are present in the application due to an error in the Administrator page and other modules, which fails to properly handle the vectors. ... oval:org.secpod.oval:def:9426 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the RDS components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web scrip ... oval:org.secpod.oval:def:9427 The host is missing an important security update according to Adobe security bulletin, APSB11-29. The update is required to fix multiple cross-site scripting vulnerabilities. The flaws are present in the RDS and cfform tag components in the application, which fails to properly handle the vectors. Su ... oval:org.secpod.oval:def:9428 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:9429 The host is missing an important security update according to Adobe security bulletin, APSB12-06. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows re ... oval:org.secpod.oval:def:9422 The host is missing an important security update according to Adobe security bulletin, APSB10-04. The update is required to fix multiple vulnerabilities. A flaw is present in the collections created by the Solr Service. Successful exploitation allows remote attackers to obtain collection metadata, s ... oval:org.secpod.oval:def:9423 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to Multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepacka ... oval:org.secpod.oval:def:9424 The host is missing an important security update according to Adobe security bulletin, APSB10-18. The update is required to fix multiple directory traversal vulnerabilities. The flaws are present in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, ... oval:org.secpod.oval:def:9425 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary we ... oval:org.secpod.oval:def:9462 The host is installed with Adobe ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1 or 8.0 and is prone to denial of service vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9463 The host is missing an important security update according to Adobe security bulletin, APSB12-21. The update is required to fix denial of service. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9420 The host is missing an important security update according to Adobe security bulletin, APSB10-11. The update is required to fix multiple vulnerabilities. The flaws are present in the application due to an error in the Administrator page and other modules, which fails to properly handle the vectors. ... oval:org.secpod.oval:def:9464 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass intended shared-hosting sandbox permissions via ... oval:org.secpod.oval:def:9421 The host is installed with Adobe ColdFusion 9.0 and is prone to information disclosure vulnerability. A flaw is present in the collections created by the Solr Service. Successful exploitation allows remote attackers to obtain collection metadata, search information, and index data via a request to a ... oval:org.secpod.oval:def:9465 The host is missing an important security update according to Adobe security bulletin, APSB12-26. The update is required to fix security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass int ... oval:org.secpod.oval:def:9460 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to CRLF injection vulnerability. A flaw is present in the Component Browser in Adobe ColdFusion, which fails to properly handle user supplied input. Successful exploitation allows remote attackers inject arbitrary HTTP h ... oval:org.secpod.oval:def:9461 The host is missing an important security update according to Adobe security bulletin, APSB12-15. The update is required to fix CRLF injection vulnerability. A flaw is present in the Component Browser in Adobe ColdFusion, which fails to properly handle user supplied input. Successful exploitation al ... oval:org.secpod.oval:def:9437 The host is missing an important security update according to Adobe security bulletin, APSB11-14. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:9433 The host is missing an important security update according to Adobe security bulletin, APSB12-21. The update is required to fix denial of service. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9434 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass intended shared-hosting sandbox permissions via ... oval:org.secpod.oval:def:9435 The host is missing an important security update according to Adobe security bulletin, APSB12-26. The update is required to fix security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass int ... oval:org.secpod.oval:def:9436 The host is missing an important security update according to Adobe security bulletin, APSB11-04. The update is required to fix session fixation vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to hijack we ... oval:org.secpod.oval:def:552 The host is installed with Adobe Coldfusion and is prone to session fixation vulnerability. A flaw is present in the application 8.0 through 9.0.1 caused by an unspecified error which will persuade a victim to visit a specially-crafted link and log into the application. Successful exploitation allow ... oval:org.secpod.oval:def:554 The host is installed with Adobe Coldfusion and is prone to unspecified vulnerability. A flaw is present in the application 8.0 through 9.0.1 caused by an error in the ColdFusion administrator console. Successful exploitation allows attackers to obtain sensitive information via unknown vectors. oval:org.secpod.oval:def:553 The host is installed with Adobe Coldfusion and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application 8.0 through 9.0.1 where it fails to properly validate user-supplied input. Successful exploitation allows remote attackers to inject arbitrary web script or HTML ... oval:org.secpod.oval:def:9430 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to CRLF injection vulnerability. A flaw is present in the Component Browser in Adobe ColdFusion, which fails to properly handle user supplied input. Successful exploitation allows remote attackers inject arbitrary HTTP h ... oval:org.secpod.oval:def:9431 The host is missing an important security update according to Adobe security bulletin, APSB12-15. The update is required to fix CRLF injection vulnerability. A flaw is present in the Component Browser in Adobe ColdFusion, which fails to properly handle user supplied input. Successful exploitation al ... oval:org.secpod.oval:def:9432 The host is installed with Adobe ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1 or 8.0 and is prone to denial of service vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9448 The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to cross-site scripting vulnerability. A flaw is present in the application due to an error in the Administrator page. Successful exploitation allows remote attackers to inject arbitrary web script or HTML via unknown vectors ... oval:org.secpod.oval:def:9449 The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to information disclosure vulnerability. A flaw is present in the application due to affected module. Successful exploitation allows remote attackers to obtain sensitive information via unspecified vectors. oval:org.secpod.oval:def:9444 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to unauthorized access vulnerability. A flaw is present due to improper password configuration. Successful exploitation allows remote attackers to access restricted directories via unspecified vectors. oval:org.secpod.oval:def:9445 The host is installed with Adobe ColdFusion 9.0, 9.0.1 or 9.0.2 and is prone to remote authentication bypass vulnerability. A flaw is present in the application due to improper password configuration. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9446 The host is missing an important security update according to Adobe security bulletin, APSB13-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to execute a ... oval:org.secpod.oval:def:9447 The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to cross-site scripting vulnerability. A flaw is present in the application due to an error in a method. Successful exploitation allows remote attackers to inject arbitrary web script or HTML via unknown vectors. oval:org.secpod.oval:def:556 The host is installed with Adobe Coldfusion and is prone to multiple cross-site scripting (XSS) vulnerabilities. The flaws are in the application 8.0 through 9.0.1 which is caused by improper validation of user-supplied input by multiple scripts. Successful exploitation allows remote attackers to in ... oval:org.secpod.oval:def:555 The host is installed with Adobe Coldfusion and is prone to multiple CRLF injection vulnerabilities. The flaws are present in the application 8.0 through 9.0.1 caused by improper validation of user-supplied input which will persuade a victim to click on a specially-crafted URL link containing CRLF c ... oval:org.secpod.oval:def:9442 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to remote authentication bypass vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9443 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 and is prone to information disclosure vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to gain sensitive information via unspecified vectors. |
