Filtered by vendor Allaire
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0455 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly. | ||||
| CVE-1999-0477 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly. | ||||
| CVE-1999-0756 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. | ||||
| CVE-1999-0757 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | ||||
| CVE-1999-0760 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. | ||||
| CVE-1999-0800 | 1 Allaire | 1 Forums | 2025-04-03 | N/A |
| The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. | ||||
| CVE-1999-0922 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file. | ||||
| CVE-1999-0923 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. | ||||
| CVE-1999-0924 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. | ||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2025-04-03 | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | ||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2025-04-03 | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | ||||
| CVE-2000-0120 | 1 Allaire | 1 Spectra | 2025-04-03 | N/A |
| The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. | ||||
| CVE-2000-0189 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. | ||||
| CVE-2000-0297 | 1 Allaire | 1 Forums | 2025-04-03 | N/A |
| Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. | ||||
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2025-04-03 | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | ||||
| CVE-2000-0410 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | ||||
| CVE-2000-0538 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password. | ||||
| CVE-2000-0862 | 1 Allaire | 1 Spectra | 2025-04-03 | N/A |
| Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information. | ||||
| CVE-2001-1120 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | N/A |
| Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | ||||
| CVE-2002-0108 | 1 Allaire | 1 Forums | 2025-04-03 | N/A |
| Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address. | ||||