Adobe ColdFusion Gets A Perfect 10
If you are running Adobe ColdFusion and haven’t patched since last Tuesday, you are not just a tempting target, you might already be a victim. This particular vulnerability is a path traversal attack; a couple of special characters added to a public facing web address can give an attacker full access to private directories they shouldn’t be able to even see. With full access to your ColdFusion files, they could delete or modify them. That would turn your website into a one stop infection site for anyone visiting.
In general Adobe ColdFusion is not used by small sites, instead it is preferred by larger enterprise sites which don’t know better than to use Adobe. This means that unpatched sites you visit could well be just waiting to infect you and you’d have no way of knowing. Stay careful out there.