Lucene search
+L

1124 matches found

Nuclei
Nuclei
added 14 hours ago8 views

Adobe ColdFusion - RDS Arbitrary File Write

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. The RDS FILEIO WRITE operation allows unauthenticated...

10CVSS9.4AI score0.28583EPSS
Exploits3References2
The Hacker News
The Hacker News
added 2026/07/08 5:33 a.m.13 views

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities are listed below - CVE-2026-48282 CVSS score: 10.0 - A path traversal vulnerability i...

10CVSS8.2AI score0.28583EPSS
Exploits16
CISA KEV Catalog
CISA KEV Catalog
added 2026/07/07 12:0 a.m.28 views

Adobe ColdFusion Path Traversal Vulnerability

Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user...

10CVSS7.9AI score0.28583EPSS
In wildExploits3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-53900

Name of the Vulnerable Software and Affected Versions Adobe ColdFusion versions prior to 2025.10 Adobe ColdFusion versions prior to 2023.21 Description An unrestricted upload of files with dangerous types allows for arbitrary code execution in the context of the current user. The issue stems from...

10CVSS7.9AI score0.00917EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54766

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2023.20 and earlier ColdFusion version 2025.9 Description An improper input validation issue exists that allows a remote attacker to execute arbitrary code in the context of the current user. This exploitation does not...

10CVSS7.8AI score0.01396EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-49071

CVE-2026-48556 - Adobe ColdFusion Information Disclosure in Administrator Function CVE ID :CVE-2026-48556 Published : June 10, 2026, 6:17 p.m. | 1 hour ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link fo...

5.2AI score
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a path traversal vulnerability. This...

9.6CVSS5.3AI score0.07624EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...

9.1CVSS5.8AI score0.00555EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...

8.1CVSS5.3AI score0.0039EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...

10CVSS5.8AI score0.08871EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe ColdFusion 授权问题漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have security vulnerabilities. These vulnerabilitie...

9.1CVSS5.8AI score0.07535EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.24 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier have code vulnerabilities. These vulnerabilities stem from...

7.4CVSS6AI score0.00406EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe ColdFusion 跨站脚本漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have cross-site scripting vulnerabilities. These...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/16 7:0 p.m.108 views

Exploit for Improper Access Control in Adobe Coldfusion

CVE-2023-26360 — Adobe ColdFusion Unauthenticated RCE Python...

9.8CVSS8.2AI score0.97339EPSS
Exploits13
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.14 views

Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Adobe ColdFusion. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the deleteVersion method. T...

5.4CVSS6.1AI score0.08507EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.8 views

Adobe ColdFusion subscribeToEndpoints Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the subscribeToEndpoints method. The issue results from a missing critical step during...

6.5CVSS5.8AI score0.00693EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The version Adobe ColdFusion 2023.18, as well as versions prior to 2025.6, have a vulnerability related to input validation...

7.5CVSS6.7AI score0.00693EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Adobe ColdFusion 资源管理错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.18, 2025.6, and earlier have a resource management vulnerability. This vulnerability...

2.4CVSS5.8AI score0.02912EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Adobe ColdFusion 资源管理错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.18, 2025.6, and earlier have a resource management vulnerability. This vulnerability...

2.4CVSS5.8AI score0.02648EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion prior to 2023.18 and 2025.6 have a path traversal vulnerability. This vulnerability stems from a...

7.7CVSS6.2AI score0.08507EPSS
Exploits0References1
Rows per page
Query Builder