In general, session and application variables are designed to hold information that you seldom write but read often. In most cases, the values of these variables are set once, most often when an application is first started (Application variables) or the first time a user begins using an application (Session variables). Then the values of these variables will be referenced many times throughout the life of the application or the course of a session.
When using application variables, keep in mind that these variables are shared by all instances of an application that might be running on a server. Because of this sharing, applications cannot assume that values saved in these variables will not be overwritten by other instances of the same application that might be simultaneously running on the server. Of course, this is not a problem if these variables are treated as "write-once, read-many," but can be a problem if they are written to indiscriminately.
The variable scope names "application" and "session" are registered as ColdFusion structures. This enables you to use the ColdFusion Structure functions to get a list of application and session variables. For example, you can use CFLOOP with the StructFind function to output a list of application and session variables defined for a specific application.
To find a list of client variables, you use the GetClientList function.
See the CFML Language Reference for more information on these functions.