This host is running Adobe ColdFusion and is prone to multiple vulnerabilities.
Successful exploitation will allow attackers to disclose the contents of arbitrary files on the system and execute arbitrary code. Impact Level: System/Application
Apply the patch from below link, http://www.adobe.com/support/security/bulletins/apsb13-03.html
Multiple flaws are due to, - The CFIDE/componentutils/cfcexplorer.cfc script not properly sanitizing user input, specifically directory traversal attacks supplied via the 'path' parameter when 'method' is set to: 'getcfcinhtml' and 'name' is set to 'CFIDE.adminapi.administrator'. - The 'ScheduledURL' variable allows specifying an arbitrary resource to save to system as specified by the 'publish_file' variable and then schedule this task to be executed at a set time.
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10
Get the installed version of Adobe ColdFusion with the help of detect NVT and check the version is vulnerable or not.
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Admidio get_file.php Remote File Disclosure Vulnerability
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS