Filtered by vendor Macromedia Subscriptions
Filtered by product Coldfusion Server Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0535 1 Macromedia 1 Coldfusion Server 2024-11-21 N/A
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.