Macromedia Coldfusion Fusebox vulnerabilities
2 known vulnerabilities affecting macromedia/coldfusion_fusebox.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2005-2480P4MEDIUMCVSS 4.3PoCv4.1.02005-08-05
CVE-2005-2480 [MEDIUM] CVE-2005-2480: Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inje
Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm.
nvd
CVE-2005-2481P4MEDIUMCVSS 5.0v4.1.02005-08-05
CVE-2005-2481 [MEDIUM] CVE-2005-2481: ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuse
ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character.
nvd