Back to search
CVE-2001-0535
Published: Oct 12, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MPSB01-08
vendor-advisory
x_refsource_ALLAIRE
20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications
third-party-advisory
x_refsource_ISS
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now