Remote File Read and Deletion Vulnerability in ColdFusion Expression Evaluator

Remote File Read and Deletion Vulnerability in ColdFusion Expression Evaluator

CVE-1999-0455 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

Learn more about our Cis Benchmark Audit For Server Software.