Hackers take aim at ColdFusion development tool

Attacks target vulnerabilities in older versions of ColdFusion

A new wave of attacks is targeting web applications written with the ColdFusion development tool.

Researchers with security group Sans said that the company has received multiple reports of attacks which target vulnerabilities in older versions of ColdFusion.

The attacks are said to target two components in ColdFusion applications: the FCKEditor text editing tool, and the CKFinder file management tool. Once an application is compromised, the attackers can take complete control of the targeted server.

"The attacks we've been seeing in the wild end up with inserted