Directory traversal vulnerability in Adobe ColdFusion 9.0.1 and earlier allows attackers to obtain sensitive information. The vulnerability is a variation of a classic directory traversal vulnerability, also referred to as 'arbitrary file retrieval'. The attack involves tricking a server-side script to provide the contents of a file that it was not originally supposed to be made available. By 'moving up' a few directory levels, the attacker is able to obtain the contents of files outside the application server's webroot via special strings such as '../'.
Apply the fix provided by Adobe. Check Web References.
Security update: Hotfix available for ColdFusion
Vulnerability Summary for CVE-2010-2861
Coldfusion Directory Traversal Faq (CVE-2010-2861)
WordPress Plugin OneLogin SAML SSO Security Bypass (2.2.0)
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.0.15)
WordPress Plugin Login by Auth0 Cross-Site Scripting (3.11.2)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.07)
WordPress Plugin Forget About Shortcode Buttons Cross-Site Scripting (1.1.1)