Mura ORM + Feed API = Awesomeness

Two of the most powerful features in Mura 7 are the improvements made to Mura ORM and the Feed API.

From: South of Shasta: Software Development, Web Design, Training

Ticket to ColdFusion Summit 2023

The Adobe ColdFusion Summit is coming up in October.

From: Pete Freitag's Homepage

CFWT Is Hiring: UI/UX Person

CFWT is looking to hire again.

From: ColdFusion Muse

Exploiting CVE-2017-11286 Six Years Later: XXE in ColdFusion via WDDX Packet

Introduction: 🎈🎂🎂🎂🎂🎂🎂🎈 Six years ago today, on September 12, 2017, Adobe released APSB17-30.

From: Hoya Haxa - A Security Research Blog

Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component

Background: In this post I'll be walking through CVE-2023-29301, which is an access control bypass / password brute force vulnerability in Adobe ColdFusion that I reported to Adobe and that was fixed on July 11, 2023 in Adobe Product Security Bulletin APSB23-40.

From: Hoya Haxa - A Security Research Blog

cfscript cf*() functions are Custom Tags

I found an interesting discussion between the community and Adobe today regarding early cfscript functionality for tags.

From: Chris Tierney

Simpler Bootstrap accordions

Vertically collapsing accordion UI components are simple to implement these days using native HTML.

From: cfSimplicity

On ColdFusion, AES, and Padding Oracle Attacks: Hic Sunt Dracones

TL; DR: If you use AES-CBC (or another block cipher operating in CBC mode) to decrypt user-controlled ciphertext, validate the ciphertext with an HMAC or similar integrity check prior to decryption to avoid Padding Oracle vulnerabilities.

From: Hoya Haxa - A Security Research Blog

Adobe ColdFusion Log Verboseness

Server logs in ColdFusion are a must-have resource to help you tune, monitor, and troubleshoot your servers.

From: Chris Tierney

FortiGate 80F to Unifi Security Gateway Pro 4 IPSec Tunnel Issues

I have recently replaced an older Cisco ASA 5550 with a FortiGate 80F.

From: Chris Tierney

Into The Box 2023 Slides

I'm back from Houston, Texas after another great Into the Box conference. Slides for my talk Taming the Top 25 Most Dangerous Software Weaknesses can be found here. For code samples I used my Bank of Insecurity repository, which is full of security weaknesses.

From: Pete Freitag's Homepage

Why You Don't Want To Use CFMX_COMPAT Encryption

This is the first of what may be a couple of posts about my presentation from ColdFusion Summit East 2023, which was held in April in Washington, DC.

From: Hoya Haxa - A Security Research Blog

Copying AWS EC2 Tags to EBS Using PowerShell

These days when creating an EC2 instance in the AWS console UI, by default, the tags are duplicated across Elastic Block Service (EBS) and Elastic Network Interface (ENI) attached resources being created.

From: Chris Tierney

ColdFusion Summit East 2023 Recap

The 2023 CF Summit East Conference wrapped up yesterday — it was a fun, albeit short, trip. I’m already on a flight back home; sadly no time for tourist things on this trip (though my sushi dinner with Minh Vo yesterday was fantastic, so I’ll take that as a win).

From: South of Shasta: Software Development, Web Design, Training

Poor Man’s Storage Data Wipe On Windows 10/11

The usual person in the tech industry will inevitably have a storage medium you “must” secure before letting it out of your possession.

From: Chris Tierney

Be Aware of Mura CMS Security Issues

Mura CMS was a popular open-source content management system (CMS) written in ColdFusion.

From: Chris Tierney

Accessing Azure MariaDB server with Navicat

Database client Navicat doesn't seem to recognize MariaDB servers hosted on Azure.

From: cfSimplicity

Authentication Bypass Vulnerability in Mura CMS and Masa CMS (CVE-2022-47003 and CVE-2022-47002)

Background: Mura CMS is a popular content management system written in ColdFusion/CFML.

From: Hoya Haxa - A Security Research Blog

Debloat Windows 11

Perform the following at your own risk.

From: Chris Tierney

Purchasing Adobe ColdFusion

Are you in the market or considering purchasing Adobe ColdFusion’s full or upgrade license? While you always have the option of going straight to Adobe, I recommend purchasing through a reseller.

From: Chris Tierney

A prototype is not a Minimum Viable Product (MVP)

Minimum Viable Product (MVP) is a term that I hear used a lot, and the concept seems pretty simple. Yet it is too frequently misused in place of prototype by junior developers and non-developers (management).

From: Steve Neiland: Blog of a Web Developer

Senior Developers vs Master Developers

We need to do away with the term senior developer in the software industry. Here is why I propose we start using the term Master Developer.

From: Steve Neiland: Blog of a Web Developer