CVE-1999-0455

HIGH

7.5

CVSS Severity Score

EPSS Score0.1000%

EPSS Percentile32.43th

Published1999年12月25日

Last Modified2026年4月16日

Vulnerability Description

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

Affected Platforms (CPE)

📦

Allaire

Coldfusion Server

= 4.0

References & Advisories

🔗 http://www.securityfocus.com/bid/115

相关漏洞威胁

CVE-2016-42648.6

The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attackers to rea...

CVE-2025-618138.2

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ...

CVE-1999-11247.5

HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by provid...

CVE-1999-04777.5

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile....