Download
| Alert*
oval:org.secpod.oval:def:1275
The host is installed with Adobe ColdFusion and is prone to cross-site request forgery (CSRF) vulnerability. A flaw is present in the application which fails to properly handle unauthorized actions. Successful exploitation allows remote attacker to hijack the authentication oval:org.secpod.oval:def:1274 The host is installed with Adobe ColdFusion and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle specially crafted data. Successful exploitation allows remote attacker to cause denial of service conditions. oval:org.secpod.oval:def:9415 The host is installed with Adobe ColdFusion 9.0, 9.0.1 or 9.0.2 and is prone to remote authentication bypass vulnerability. A flaw is present in the application due to improper password configuration. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9459 The host is missing an important security update according to Adobe security bulletin, APSB12-06. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows re ... oval:org.secpod.oval:def:9416 The host is missing an important security update according to Adobe security bulletin, APSB13-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to execute a ... oval:org.secpod.oval:def:9455 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary we ... oval:org.secpod.oval:def:9412 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to remote authentication bypass vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9456 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the RDS components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web scrip ... oval:org.secpod.oval:def:9413 The host is installed with Adobe ColdFusion 9.0, 9.0.1 or 9.0.2 and is prone to information disclosure vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to gain sensitive information via unspecified vectors. oval:org.secpod.oval:def:9457 The host is missing an important security update according to Adobe security bulletin, APSB11-29. The update is required to fix multiple cross-site scripting vulnerabilities. The flaws are present in the RDS and cfform tag components in the application, which fails to properly handle the vectors. Su ... oval:org.secpod.oval:def:9414 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to unauthorized access vulnerability. A flaw is present due to improper password configuration. Successful exploitation allows remote attackers to access restricted directories via unspecified vectors. oval:org.secpod.oval:def:9458 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:9453 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to Multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepacka ... oval:org.secpod.oval:def:9454 The host is missing an important security update according to Adobe security bulletin, APSB10-18. The update is required to fix multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/s ... oval:org.secpod.oval:def:9426 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the RDS components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web scrip ... oval:org.secpod.oval:def:9427 The host is missing an important security update according to Adobe security bulletin, APSB11-29. The update is required to fix multiple cross-site scripting vulnerabilities. The flaws are present in the RDS and cfform tag components in the application, which fails to properly handle the vectors. Su ... oval:org.secpod.oval:def:9428 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:9429 The host is missing an important security update according to Adobe security bulletin, APSB12-06. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to properly handle the hash values for form parameters. Successful exploitation allows re ... oval:org.secpod.oval:def:9423 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to Multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepacka ... oval:org.secpod.oval:def:9424 The host is missing an important security update according to Adobe security bulletin, APSB10-18. The update is required to fix multiple directory traversal vulnerabilities. The flaws are present in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, ... oval:org.secpod.oval:def:9425 The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary we ... oval:org.secpod.oval:def:9462 The host is installed with Adobe ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1 or 8.0 and is prone to denial of service vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9463 The host is missing an important security update according to Adobe security bulletin, APSB12-21. The update is required to fix denial of service. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9464 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass intended shared-hosting sandbox permissions via ... oval:org.secpod.oval:def:9465 The host is missing an important security update according to Adobe security bulletin, APSB12-26. The update is required to fix security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass int ... oval:org.secpod.oval:def:9437 The host is missing an important security update according to Adobe security bulletin, APSB11-14. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:9433 The host is missing an important security update according to Adobe security bulletin, APSB12-21. The update is required to fix denial of service. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9434 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass intended shared-hosting sandbox permissions via ... oval:org.secpod.oval:def:9435 The host is missing an important security update according to Adobe security bulletin, APSB12-26. The update is required to fix security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass int ... oval:org.secpod.oval:def:9436 The host is missing an important security update according to Adobe security bulletin, APSB11-04. The update is required to fix session fixation vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to hijack we ... oval:org.secpod.oval:def:552 The host is installed with Adobe Coldfusion and is prone to session fixation vulnerability. A flaw is present in the application 8.0 through 9.0.1 caused by an unspecified error which will persuade a victim to visit a specially-crafted link and log into the application. Successful exploitation allow ... oval:org.secpod.oval:def:554 The host is installed with Adobe Coldfusion and is prone to unspecified vulnerability. A flaw is present in the application 8.0 through 9.0.1 caused by an error in the ColdFusion administrator console. Successful exploitation allows attackers to obtain sensitive information via unknown vectors. oval:org.secpod.oval:def:553 The host is installed with Adobe Coldfusion and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application 8.0 through 9.0.1 where it fails to properly validate user-supplied input. Successful exploitation allows remote attackers to inject arbitrary web script or HTML ... oval:org.secpod.oval:def:9432 The host is installed with Adobe ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1 or 8.0 and is prone to denial of service vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:9444 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to unauthorized access vulnerability. A flaw is present due to improper password configuration. Successful exploitation allows remote attackers to access restricted directories via unspecified vectors. oval:org.secpod.oval:def:9445 The host is installed with Adobe ColdFusion 9.0, 9.0.1 or 9.0.2 and is prone to remote authentication bypass vulnerability. A flaw is present in the application due to improper password configuration. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9446 The host is missing an important security update according to Adobe security bulletin, APSB13-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to execute a ... oval:org.secpod.oval:def:556 The host is installed with Adobe Coldfusion and is prone to multiple cross-site scripting (XSS) vulnerabilities. The flaws are in the application 8.0 through 9.0.1 which is caused by improper validation of user-supplied input by multiple scripts. Successful exploitation allows remote attackers to in ... oval:org.secpod.oval:def:555 The host is installed with Adobe Coldfusion and is prone to multiple CRLF injection vulnerabilities. The flaws are present in the application 8.0 through 9.0.1 caused by improper validation of user-supplied input which will persuade a victim to click on a specially-crafted URL link containing CRLF c ... oval:org.secpod.oval:def:9442 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 or 10 and is prone to remote authentication bypass vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors. oval:org.secpod.oval:def:9443 The host is installed with Adobe ColdFusion 9.0, 9.0.1, 9.0.2 and is prone to information disclosure vulnerability. A flaw is present in the application. Successful exploitation allows remote attackers to gain sensitive information via unspecified vectors. |