Recent critical Lucee security vulns: make sure you're protected, finding out more about them

There has been important news released (this week and last week) about a critical Lucee security vuln (an RCE or remote code execution vuln). You'll want to make sure your Lucee instances are protected either by updates or configuration (or both). There are actually 3 matters to beware.

From: Charlie Arehart - Server Troubleshooting

Thinking Defensively About Three Recent Lucee Vulnerabilities

Last week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS).

From: Hoya Haxa - A Security Research Blog

Uploading Files With ColdFusion

In this article, we will cover how to upload data to the server using ColdFusion. We will also discuss security concerns and common best practices when uploading data using ColdFusion.

From: Gregory's Blog

How to Install and Register Adobe Fireworks Using Adobe Cloud

A few years ago, Adobe deprecated Adobe Fireworks and made it difficult to find and install. If you need a moderately robust graphics program for the web, this article will show you how to get around some of the common issues of installing Adobe Fireworks.

From: Gregory's Blog

MVC With and Without a Framework

So you've looked at CF Components, and kind of understand the basics of how they work.

From: South of Shasta: Software Development, Web Design, Training

Tags vs Cfscript in ColdFusion and Lucee

ColdFusion supports both a tag-based language, similar to PHP, and cfscript, which is a C-style language similar to JavaScript. In this article, we will discuss some of the potential use cases of both styles.

From: Gregory's Blog

DNS over HTTPS is not what I thought

A few months ago I was on a mission to remove some of the old broken links on my blog.

From: Pete Freitag's Homepage

Understanding the Differences Between Blog Categories and Tags

We will discuss the main differences between blog categories and tags and how they affect the user experience and SEO

From: Gregory's Blog

Recursive ColdFusion Function

We will discuss how to develop a recursive ColdFusion function

From: Gregory's Blog

Implementing a Breadcrumb Navigation System

In this example, we will discuss how to implement a breadcrumb navigation widget on your site and how to create breadcrumb-structured data.

From: Gregory's Blog

A Christmas Post: Beer and Bounties

Christmas came early this year in Potrero Hill and it was sad news for craft beer drinkers.

From: Hoya Haxa - A Security Research Blog

Remove the Server Header in any IIS Version

Removing the Server Header as of IIS 10 (the version of IIS installed by default on Windows Server 2016, 2019 or 2022) is now much easier than it had been with prior versions of IIS.

From: Pete Freitag's Homepage

How to set the Release Date on Masa CMS content en masse with the Feed API

A little while ago we had a Mura site (which has recently been upgraded to Masa) with a bunch of blog articles and other content where the "Release Date" field was left empty by accident.

From: South of Shasta: Software Development, Web Design, Training

Writing CSV with CFML

The Spreadsheet CFML library now has improved support for creating CSV from your data

From: cfSimplicity

Reading large CSV files with CFML

The Spreadsheet CFML library now supports fast, memory efficient CSV file processing

From: cfSimplicity

Critical Variable Mass Assignment Vulnerability in Adobe ColdFusion (CVE-2023-44350)

Background: Adobe ColdFusion is vulnerable to a Mass Assignment vulnerability that can result in an attacker being able to modify the value of any variable in any scope within the context of remote CFC methods.

From: Hoya Haxa - A Security Research Blog

ColdFusion Summit 2023 Recap

A few weeks ago was the annual ColdFusion Summit in Las Vegas. And as expected, the event was very worth the trip! Overall I think everything ran very smoothly — food, sessions, staff, the party, and all the other things you'd expect at CF Summit were the same quality as previous years.

From: South of Shasta: Software Development, Web Design, Training

Self Signed Certificates in Edge on Windows 2022

When setting up a server for training purposes I wanted to create a self signed certificate for app1.

From: Pete Freitag's Homepage

The newline cat mystery

I ran into a really strange problem today, whenever I would write a file it would show up as empty on my file system.

From: Pete Freitag's Homepage

New Blog Domain - www.hoyahaxa.com

I recently moved my blog over to a custom domain -- https://www.

From: Hoya Haxa - A Security Research Blog

ColdFusion, Connectors, and CFAdmin Security (for more than just ColdFusion 2023 Update 5 and ColdFusion 2021 Update 11)

Introduction: This post is about ColdFusion 2023 Update 5 and ColdFusion 2021 Update 11, but it's also about more than just those versions.

From: Hoya Haxa - A Security Research Blog

Best Practices Are Best, Except When They're Not

A code-review of sorts where we go over some of the real-world situations when things just don't go the way the Stack Overflow Gods say they should. We'll look at the pros and cons of solutions in these situations and the lessons hopefully learned along the way.  

From: South of Shasta: Software Development, Web Design, Training