News

Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
Computerworld

Can Adobe make ColdFusion hot (again) or not?

There was CGI, Java and even C. But for building Web sites during the dot-com boom, nothing was hotter than ColdFusion. Created by Allaire Corp. more than a decade ago, ColdFusion enabled Web 1.0 ...
Threat Post

Adobe Fixes ‘Important’ Flaws in ColdFusion, After Effects and Digital Editions

While Adobe’s regularly scheduled security updates were light this month, they fixed “important” severity vulnerabilities. Adobe released security patches for vulnerabilities in its ColdFusion, After ...
Bleeping Computer

Critical ColdFusion flaws exploited in attacks to drop webshells

Update 7/17/23: The article was updated due to a mistaken warning added by Adobe to its email notification. However, a newer version of the bug was seen by Rapid7 to be actively exploited. Hackers are ...
CSOonline

Attackers breach US government agencies through ColdFusion flaw

In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were ...
Ars Technica

Coldfusion and using RADIUS authentication

Hello all,<BR><BR>I'm setting some stuff up at work and looking for some help on this one piece I can't quite figure out.<BR><BR>What I'm looking to accomplish is to verify a login/password to a ...