CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-1999-0760

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile23.08th
Published2001年3月12日
Last Modified2026年4月16日

Vulnerability Description

Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.

Affected Platforms (CPE)

📦
Allaire

Coldfusion Server

= 2.0
📦
Allaire

Coldfusion Server

= 3.0
📦
Allaire

Coldfusion Server

= 3.0.1
📦
Allaire

Coldfusion Server

= 3.1
📦
Allaire

Coldfusion Server

= 3.1.1
📦
Allaire

Coldfusion Server

= 3.1.2
📦
Allaire

Coldfusion Server

= 4.0
📦
Allaire

Coldfusion Server

= 4.0.1

References & Advisories

🔗 http://www.allaire.com/handlers/index.cfm?ID=11714&Method=Full
🔗 http://www.securityfocus.com/bid/550
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/3288
🔗 http://www.allaire.com/handlers/index.cfm?ID=11714&Method=Full
🔗 http://www.securityfocus.com/bid/550
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/3288

相關漏洞威脅

CVE-2016-42648.6

The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attackers to rea...

CVE-2025-618138.2

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ...

CVE-1999-04777.5

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile....

CVE-1999-04557.5

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprca...