CVE-1999-0455

ColdFusion - Info Disclosure

Title source: llm

Description

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

Exploits (1)

exploitdb WORKING POC

remotemultiple

https://www.exploit-db.com/exploits/19093

View Code ZIP pw:eip

References (1)

[Vendor Advisory] http://www.securityfocus.com/bid/115

Scores

EPSS 0.0913

EPSS Percentile 92.7%

Details

Status published

Products (1)

allaire/coldfusion_server 4.0

Published Dec 25, 1999

Tracked Since Feb 18, 2026