CVE-1999-0477 Information

Description

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm which does not restrict access to the server properly.

Reference

http://www.securityfocus.com/bid/115