File inclusion vulnerability in Adobe ColdFusion via unspecified vectors - CVE-2020-3794| ID: oval:org.secpod.oval:def:62057 | Date: (C)2020-03-31 (M)2022-10-10 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Adobe ColdFusion 2016 before Update 14 or 2018 before Update 8 and is prone to a file inclusion vulnerability. A flaw is present in the application, which fails to handle the unspecified vectors. Successful exploitation allows attackers to cause arbitrary code execution of files located in the webroot or its subdirectory.
| Platform: |
| Microsoft Windows 11 |
| Microsoft Windows Server 2022 |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2008 |
| Microsoft Windows 7 |
| Microsoft Windows 8 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2016 |
| Microsoft Windows 10 |
| Product: |
| Adobe ColdFusion 2016 |
| Adobe ColdFusion 2018 |
