CF Summit East 2024 Recap
Last week was the 2024 edition of CF Summit East in Washington DC.
From: South of Shasta: Software Development, Web Design, Training
5/9/24, 7:00 AM
Coldfusion
CF Summit East 2024 Recap
Last week was the 2024 edition of CF Summit East in Washington DC.
From: South of Shasta: Software Development, Web Design, Training
5/9/24, 7:00 AM
Coldfusion
Left and Right Accept Negative Counts
8 ) { //strip https:// website = right(website, len(website)-8); } As long as you are doing that kind of check, you should not have any issue with unexpected change of behavior due to this change.
From: Pete Freitag's Homepage
5/2/24, 8:51 PM
Coldfusion
Left and Right Accept Negative Counts
8 ) { //strip https:// website = right(website, len(website)-8); } As long as you are doing that kind of check, you should not have any issue with unexpected change of behavior due to this change.
From: Pete Freitag's Homepage
5/2/24, 8:51 PM
Coldfusion
Bypassing Imperva SecureSphere WAF (CVE-2023-50969)
Background Imperva SecureSphere Web Application Firewall (WAF) is an on-premise security solution to inspect, monitor and block traffic to web applications.
3/27/24, 9:00 AM
Coldfusion
Bypassing Imperva SecureSphere WAF (CVE-2023-50969)
Background Imperva SecureSphere Web Application Firewall (WAF) is an on-premise security solution to inspect, monitor and block traffic to web applications.
3/27/24, 9:00 AM
Coldfusion
Speaking at CF Summit East 2024
The kind folks at Adobe have invited me back to speak at CF Summit East 2024 in Washington DC.
From: South of Shasta: Software Development, Web Design, Training
3/26/24, 7:00 AM
Coldfusion
Speaking at CF Summit East 2024
The kind folks at Adobe have invited me back to speak at CF Summit East 2024 in Washington DC.
From: South of Shasta: Software Development, Web Design, Training
3/26/24, 7:00 AM
Coldfusion
Defending Against CVE-2024-20767 (ColdFusion Arbitrary File System Read)
Technical details for CVE-2024-20767 (ColdFusion Arbitrary File System Read) from APSB24-14 have now been publicly disclosed by the researcher who reported it to Adobe PSIRT: https://jeva.
3/25/24, 2:45 PM
Coldfusion
Defending Against CVE-2024-20767 (ColdFusion Arbitrary File System Read)
Technical details for CVE-2024-20767 (ColdFusion Arbitrary File System Read) from APSB24-14 have now been publicly disclosed by the researcher who reported it to Adobe PSIRT: https://jeva.
3/25/24, 2:45 PM
Coldfusion
Fixinator fixes unscoped variables
Last week's Adobe ColdFusion security update disabled searchImplicitScopes by default.
From: Pete Freitag's Homepage
3/21/24, 9:39 PM
Coldfusion
Fixinator fixes unscoped variables
Last week's Adobe ColdFusion security update disabled searchImplicitScopes by default.
From: Pete Freitag's Homepage
3/21/24, 9:39 PM
Coldfusion
If You're Running an Intranet Connections Lucee Instance, Ensure That You've Change the Default Lucee Admin Password
Last week, researchers at Sprocket Security wrote about post-exploitation in Lucee via malicious extensions.
3/21/24, 2:50 PM
Coldfusion
If You're Running an Intranet Connections Lucee Instance, Ensure That You've Change the Default Lucee Admin Password
Last week, researchers at Sprocket Security wrote about post-exploitation in Lucee via malicious extensions.
3/21/24, 2:50 PM
Coldfusion
ColdFusion searchImplicitScopes and APSB24-14
Adobe has published a ColdFusion Security Hotfix APSB24-14 today which describes "a critical vulnerability that could lead to arbitrary file system read".
From: Pete Freitag's Homepage
3/13/24, 12:39 AM
Coldfusion
ColdFusion searchImplicitScopes and APSB24-14
Adobe has published a ColdFusion Security Hotfix APSB24-14 today which describes "a critical vulnerability that could lead to arbitrary file system read".
From: Pete Freitag's Homepage
3/13/24, 12:39 AM
Coldfusion
3/7/24, 8:00 AM
Coldfusion
3/7/24, 8:00 AM
Coldfusion
One Reason Why Your ColdFusion Server May Still Be Vulnerable Even With the Latest Security Updates Installed
Next Tuesday is Adobe Patch Tuesday.
3/5/24, 5:03 AM
Coldfusion
One Reason Why Your ColdFusion Server May Still Be Vulnerable Even With the Latest Security Updates Installed
Next Tuesday is Adobe Patch Tuesday.
3/5/24, 5:03 AM
Coldfusion
What Does ColdFusion's verifyClient() Do?
I recently saw a ColdFusion question about verifyClient and remote CFC functions.
2/27/24, 6:34 AM
Coldfusion
What Does ColdFusion's verifyClient() Do?
I recently saw a ColdFusion question about verifyClient and remote CFC functions.
2/27/24, 6:34 AM
Coldfusion
Come Learn About Web Components!
Did you miss the Adobe ColdFusion Summit in Las Vegas last year? Still bummed about missing all the rad content? You're in luck! Adobe is currently running the ColdFusion Online Summit 2024 -- it's the same (I think) sessions that were done in Las Vegas, but on line so you can watch from the c...
From: South of Shasta: Software Development, Web Design, Training
2/24/24, 8:00 AM
Coldfusion
Come Learn About Web Components!
Did you miss the Adobe ColdFusion Summit in Las Vegas last year? Still bummed about missing all the rad content? You're in luck! Adobe is currently running the ColdFusion Online Summit 2024 -- it's the same (I think) sessions that were done in Las Vegas, but on line so you can watch from the c...
From: South of Shasta: Software Development, Web Design, Training
2/24/24, 8:00 AM
Coldfusion
2/22/24, 9:34 PM
Coldfusion
2/22/24, 9:34 PM
Coldfusion