Allaire » Coldfusion Server : Security Vulnerabilities, CVEs, Published In 1999
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
Max CVSS
7.5
EPSS Score
0.25%
Published
1999-12-25
Updated
2008-09-05
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
Max CVSS
7.5
EPSS Score
0.69%
Published
1999-12-25
Updated
2008-09-09
2 vulnerabilities found