CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...

A nation-state cyber-espionage group is actively hacking into Adobe ColdFusion servers and planting backdoors for future operations, Volexity researchers have told ZDNet. The attacks have been taking ...

Today, when you hear people talking about ColdFusion you probably don't think of the elusive promise of easy, clean energy, but Allaire's ColdFusion's which has brought the ability to build dynamic ...

A vulnerability in the ColdFusion Web server platform, reported by Adobe less than a week ago, has apparently been in the wild for almost a month and has allowed the hacking of at least one company ...

Earlier this month, I published a story about a criminal hacking gang using Adobe ColdFusion vulnerabilities to build a botnet of hacked e-commerce sites that were milked for customer credit card data ...

While Adobe’s regularly scheduled security updates were light this month, they fixed “important” severity vulnerabilities. Adobe released security patches for vulnerabilities in its ColdFusion, After ...

Attackers exploited a vulnerability in Adobe ColdFusion to install data-stealing malware that works as a module for Microsoft’s Internet Information Services (IIS) Web server software. Researchers ...

Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018. Today's emergency updates patch an arbitrary code execution ...

ColdFusion lets you import external pages and files, so you can read HTML data and display the content on your own pages. Before you display the data on your pages, you must remove all tags in the ...