VYPR

Cartweaver Coldfusion

by Application Dynamics

CVEs (2)

  • CVE-2006-2046Apr 26, 2006
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm.

  • CVE-2006-2047Apr 26, 2006
    risk 0.00cvss epss 0.02

    Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allows remote attackers to obtain sensitive information via an invalid (1) secondary, (2) PageNum_Results, (3) category, or (4) keywords parameter in (a) Results.cfm; or an invalid (5) ProdID parameter in (b)…