Test your ColdFusion Server for Security Vulnerabilities

Example Free Email Report

Server Domain:
Email:
I agree to the Terms of Service & Privacy Policy


We ask for your email in order to avoid malicious use of this tool. The report is sent to the email you provide.

How Does it Work?

We make a series of requests to your web site looking for the absence of security hotfixes. This tool will place a very small amount of load on your server. None of the requests we make will compromise your server.

What Can it find?

We can detect the absence of several security hotfixes, and insecure configuration settings. Here are some of the things we can detect:

• ColdFusion 9 Solr Service Exposed (APSB10-04, CVE-2010-0185)
• ColdFusion 8 FCKeditor Vulnerability (APSB09-09, CVE-2009-2265)
• Apache Double Encoded Null Byte Vulnerability (APSB09-12, CVE-2009-1876)
• Cross Site Scripting Vulnerabilities (APSB09-09, CVE-2009-1877 and CVE-2009-1872)
• And More

Check back as we are always looking to add more detectors.

Who built this site?

Why thanks for asking. This site was built by Foundeo Inc., a Consulting & Products company specializing in Web Application Security.

Foundeo also sells a Web Application Firewall for ColdFusion providing an added layer of protection for your ColdFusion applications. It helps protect your ColdFusion applications from Cross Site Scripting, SQL Injection, and more.

Need Help Securing your Server?

Contact Foundeo Inc. We can help you apply the necessary ColdFusion hotfixes, configure the ColdFusion administrator, and more.