Short Name |
HTTP:COLDFUSION:GETFILE-PROBE |
---|---|
Severity |
Warning |
Recommended |
No |
Category |
HTTP |
Keywords |
Coldfusion Getfile.cfm Probe |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the getfile.cfm script. Attackers can access files on the Web server.
An Allaire Forums file "GetFile.cfm" in the root of the application directory allows anyone to access any file on the Forums server. This vulnerability affects Forums 2.0.4 and earlier.