CVE-2000-0189

Allaire Coldfu — NVD-CWE-Other

EPSS 0.00647
  • Published: 2000-03-01T05:00:00.000
  • Last modified: 2025-04-03T01:03:51.193
  • Vendors: Allaire
  • Products: Coldfu
  • CWE: NVD-CWE-Other

CVE-2000-0189 — ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. [Weakness: NVD-CWE-Other]

Related CVE by CWE

No closely related CVE found.

Risk snapshot

EPSS: n/a   |   KEV: not listed

Related CVE by CWE

No related CWE found.

Top CVE for Vendor

No items for this vendor.

Recently Exploited Similar Vulnerabilities

No recent KEV-listed items for this vendor/product.

ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.

🧠 Explainer: What this vulnerability means

Summary: The issue in Coldfu by Allaire (CWE: unspecified) may enable attacks.

Impact: Attackers could gain unauthorized access, execute code, or disrupt services.

Mitigation: Until patched, restrict exposure, enforce least privilege, and monitor for suspicious activity.

CWE: NVD-CWE-Other
Allaire Coldfu

No explicit mitigation/advisory links found in references.