Description
ColdFusion allows an unauthenticated user to upload arbitrary files. An attacker can exploit it to achieve remote code execution.
Remediation
Upgrade to the latest version of ColdFusion
References
Related Vulnerabilities
WordPress Plugin Gallery by BestWebSoft 'php.php' Arbitrary File Upload (3.06)
WordPress Plugin Frontend File Manager Arbitrary File Upload (3.9)
WordPress Plugin PollDeep Arbitrary File Upload (1.2)
WordPress Plugin Slideshow Pro 'upload.php' Arbitrary File Upload (2.1)
WordPress Plugin Infusionsoft Gravity Forms Add-on Arbitrary File Upload (1.5.10)