How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
A web-based application running on the remote Windows host is affected
by multiple vulnerabilities.
The remote Windows host is running a version of ColdFusion that is
affected by the following vulnerabilities :
- A reflected cross-site scripting vulnerability exists
because ColdFusion does not sanitize user-supplied
input. This can be exploited by a remote, authenticated
user when the CFIDE directory is exposed.
- ColdFusion 10 is affected by an unspecified
vulnerability that allows unauthorized remote read
See also :
Apply the relevant hotfixes referenced in Adobe advisory APSB13-27.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : true
Nessus Plugin ID: 70915 ()
Bugtraq ID: 6368163682
CVE ID: CVE-2013-5326CVE-2013-5328
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.