The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
https://exchange.xforce.ibmcloud.com/vulnerabilities/1748
http://www.allaire.com/handlers/index.cfm?ID=9602&Method=Full
http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html