CVE-2014-5468
CVE-2014-5468 is a Railo Remote File Include vulnerability affecting Railo 4.2.1 and earlier. A specially crafted request to thumbnail.cfm can cause the server to include a malicious PNG, enabling an attacker to download arbitrary PNGs and, via directory traversal, append ColdFusion markup to the...