Coldfusion Server
Approved changes feed: RSS · Atom
cpe:2.3:a:macromedia:coldfusion_server:4.x:*:*:*:*:*:*:*
part: a version: 4.x update: *
| Vendor | Macromedia (f00ebe2b-9d72-52ca-9cf0-be998a2cdfa0) |
|---|---|
| Product | Coldfusion Server (174b696a-d0ed-59ed-a58b-833f51cff71d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2001-0535 |
vulnerable | 2026-06-03 14:26:01.778698 |
Details available
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.
Published: 2001-10-12T04:00:00.000Z
Updated: 2024-08-08T04:21:38.620Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.