Description
ColdFusion FlashGateway is vulnerable to deserialization attacks. An attacker could exploit this vulnerability using specially-crafted serialized data to execute arbitrary code on the system.
Remediation
Upgrade to the latest version of ColdFusion
References
Related Vulnerabilities
Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface
Drupal 7 arbitrary PHP code execution and information disclosure
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Remote Code Execution (2.8.5)
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)