This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
A web-based application installed on the remote Windows host is
affected by multiple vulnerabilities.
The remote Windows host is running a version of ColdFusion that is
affected by the following vulnerabilities :
- A reflected cross-site scripting vulnerability exists
because ColdFusion does not sanitize user-supplied
input. This can be exploited by a remote, authenticated
user when the CFIDE directory is exposed.
- ColdFusion 10 is affected by an unspecified
vulnerability that allows unauthorized remote read
See also :
Apply the relevant hotfixes referenced in Adobe advisory APSB13-27.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : true
Nessus Plugin ID: 70915 ()
Bugtraq ID: 6368163682
CVE ID: CVE-2013-5326CVE-2013-5328
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.