A file upload vulnerability exists in the CKEditor of Adobe ColdFusion 11 (Update 14 and earlier).
0d365afb0d6b2a324a2e6192d6ce6443105fada13d13da91a9c3b3c7c50905bc
Adobe ColdFusion 2018 suffers from a remote shell upload vulnerability.
6d9b1d1741c77f9c05d013bc913c530aed0fc116578b9cea6fe2208f752cbb54