Description
ColdFusion allows an unauthenticated user to upload arbitrary files. An attacker can exploit it to achieve remote code execution.
Remediation
Upgrade to the latest version of ColdFusion
References
Related Vulnerabilities
WordPress Plugin WordPress File Upload Cross-Site Request Forgery (2.4.1)
WordPress Plugin Video Gallery /w YouTube, Vimeo Arbitrary File Upload (8.48)
WordPress Plugin User Photo 'user-photo.php' Arbitrary File Upload (0.9.4)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1)
WordPress Plugin Word of the day Arbitrary File Upload (1.0)