1124 matches found
Adobe ColdFusion - RDS Arbitrary File Write
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. The RDS FILEIO WRITE operation allows unauthenticated...
CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities are listed below - CVE-2026-48282 CVSS score: 10.0 - A path traversal vulnerability i...
Adobe ColdFusion Path Traversal Vulnerability
Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user...
PT-2026-53900
Name of the Vulnerable Software and Affected Versions Adobe ColdFusion versions prior to 2025.10 Adobe ColdFusion versions prior to 2023.21 Description An unrestricted upload of files with dangerous types allows for arbitrary code execution in the context of the current user. The issue stems from...
PT-2026-54766
Name of the Vulnerable Software and Affected Versions ColdFusion versions 2023.20 and earlier ColdFusion version 2025.9 Description An improper input validation issue exists that allows a remote attacker to execute arbitrary code in the context of the current user. This exploitation does not...
PT-2026-49071
CVE-2026-48556 - Adobe ColdFusion Information Disclosure in Administrator Function CVE ID :CVE-2026-48556 Published : June 10, 2026, 6:17 p.m. | 1 hour ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link fo...
Adobe ColdFusion 路径遍历漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a path traversal vulnerability. This...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...
Adobe ColdFusion 授权问题漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have security vulnerabilities. These vulnerabilitie...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier have code vulnerabilities. These vulnerabilities stem from...
Adobe ColdFusion 跨站脚本漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have cross-site scripting vulnerabilities. These...
Exploit for Improper Access Control in Adobe Coldfusion
CVE-2023-26360 — Adobe ColdFusion Unauthenticated RCE Python...
Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability
This vulnerability allows remote attackers to delete arbitrary files on affected installations of Adobe ColdFusion. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the deleteVersion method. T...
Adobe ColdFusion subscribeToEndpoints Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the subscribeToEndpoints method. The issue results from a missing critical step during...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The version Adobe ColdFusion 2023.18, as well as versions prior to 2025.6, have a vulnerability related to input validation...
Adobe ColdFusion 资源管理错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.18, 2025.6, and earlier have a resource management vulnerability. This vulnerability...
Adobe ColdFusion 资源管理错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.18, 2025.6, and earlier have a resource management vulnerability. This vulnerability...
Adobe ColdFusion 路径遍历漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion prior to 2023.18 and 2025.6 have a path traversal vulnerability. This vulnerability stems from a...