CVE-2013-3336

EXPLOITED

Adobe ColdFusion <10 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors.

Exploits (2)

exploitdb WORKING POC
by HTP · pythonwebappsmultiple
https://www.exploit-db.com/exploits/25305
metasploit WORKING POC
by HTP, sinn3r, nebulus · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/coldfusion_pwd_props.rb

References (3)

Scores

EPSS 0.8589
EPSS Percentile 99.4%

Details

VulnCheck KEV 2013-05-14
Status published
Products (4)
adobe/coldfusion 9.0
adobe/coldfusion 9.0.1
adobe/coldfusion 9.0.2
adobe/coldfusion 10.0
Published May 09, 2013
Tracked Since Feb 18, 2026