All CosmicBytez Labs articles tagged #ColdFusion, across news, security advisories, how-to guides, and projects.
Adobe ColdFusion versions 2023.20 and 2025.9 and earlier contain a critical unrestricted file upload vulnerability that allows unauthenticated remote...
Adobe ColdFusion versions 2023.20 and 2025.9 and earlier contain an improper input validation vulnerability enabling unauthenticated remote code...
A second critical improper input validation flaw in Adobe ColdFusion allows unauthenticated remote code execution in the context of the current user. Part...
Adobe ColdFusion contains a critical path traversal vulnerability (CWE-22) that enables unauthenticated remote code execution. The flaw is part of Adobe's...
Adobe ColdFusion 2023.19 and 2025.8 are affected by a critical improper input validation flaw enabling unauthenticated remote code execution with scope change.