This Metasploit module exploits a directory traversal bug in Adobe ColdFusion. By reading the password.properties a user can login using the encrypted password itself. This should work on version 8 and below.
30d24479f36de7b6cb78e0669b676ca8ad8705ff92ec0b9d808502f823261cc0