7 matches found
CVE-2026-48316 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...
CVE-2026-48283
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...
CVE-2026-48281
CVE-2026-48281 affects Adobe ColdFusion versions 2025.9, 2023.20 and earlier. The issue is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user, with no user interaction required. The CVSS vector indicates network access, low atta...
CVE-2026-48281 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...
CVE-2026-48307
CVE-2026-48307 affects ColdFusion versions 2025.9, 2023.20 and earlier and is a reflected Cross-Site Scripting vulnerability (CWE-79). An attacker can inject malicious scripts into a web page, potentially leading to arbitrary code execution in the context of the current user. Exploitation require...
CVE-2026-48282 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interactio...
PT-2026-53903
Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.9 and 2023.20 and earlier Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, allows for arbitrary code execution in the context of the current user. This issue can be...