ColdFusion | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Hello Lucee! Let us hack Apple again?	RCE Insecure Deserialization ColdFusion Security Code Review	Apple Lucee	Harsh Jaiswal (@Rootxharsh) Rahul Maini (@Iamnoooob)
Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component	Broken Access Control Bruteforce ColdFusion	Adobe	Brian (@Hoyahaxa)
Adobe ColdFusion Pre-Auth RCE(s)	RCE ColdFusion JNDI Injection Insecure Deserialization Security Code Review Patch Diffing	Adobe (ColdFusion)	Harsh Jaiswal (@Rootxharsh) Rahul Maini (@Iamnoooob)
CVE-2023-29298: Adobe ColdFusion Access Control Bypass	Broken Access Control Logic Flaw Security Code Review ColdFusion	Adobe	Stephen Fewer (@Stephenfewer)
On ColdFusion, AES, and Padding Oracle Attacks: Hic Sunt Dracones	Padding Oracle Attack ColdFusion Cryptographic Issues	Undisclosed	Brian (@Hoyahaxa)
Authentication Bypass Vulnerability in Mura CMS and Masa CMS (CVE-2022-47003 and CVE-2022-47002)	Authentication Bypass Security Code Review ColdFusion	Mura CMS Masa CMS	Brian (@Hoyahaxa)
Finding 0day to hack Apple	RCE ColdFusion	Apple Lucee	Harsh Jaiswal (@Rootxharsh) Rahul Maini (@Iamnoooob)

Page 1 of 1