Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Filtered by product Jrun
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1874 1 Adobe 1 Jrun 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Adobe JRun 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1873 1 Adobe 1 Jrun 2024-11-21 4.0 MEDIUM N/A
Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.
CVE-2007-1278 2 Adobe, Microsoft 3 Coldfusion, Jrun, Internet Information Server 2024-11-21 4.3 MEDIUM N/A
Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root.
CVE-2006-5860 1 Adobe 2 Coldfusion, Jrun 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2006-5858 2 Adobe, Microsoft 3 Coldfusion, Jrun, Internet Information Services 2024-11-21 5.0 MEDIUM N/A
Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file.