Unrated severityNVD Advisory· Published Dec 25, 1999· Updated Apr 16, 2026

CVE-1999-0455

Description

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

Affected products

Allaire Corporation/Coldfusion Server
cpe:2.3:a:allaire:coldfusion_server:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/115nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000