Authentication Bypass Vulnerability in Mura CMS and Masa CMS (CVE-2022-47003 and CVE-2022-47002)

BackgroundMura CMS is a popular content management system written in ColdFusion/CFML.

From: Hoya Haxa - A Security Research Blog

Building Command Line Applications in Spring with Spring Shell

In this introduction to Spring Shell, you will learn you how to build CLI applications in a familiar programming environment using Java + Spring.

From: Dan Vega

Long-Term Funding, Update #1

As part of Clojurists Together's Long-Term Funding for 2023 I talked about working on clojure-doc.org which I had resurrected a few years ago, as a GitHub Pages project, powered by Cryogen.

From: Sean Corfield: An Architect's View

Debloat Windows 11

Perform the following at your own risk.

From: Chris Tierney

Purchasing Adobe ColdFusion

Are you in the market or considering purchasing Adobe ColdFusion’s full or upgrade license? While you always have the option of going straight to Adobe, I recommend purchasing through a reseller.

From: Chris Tierney

A prototype is not a Minimum Viable Product (MVP)

Minimum Viable Product (MVP) is a term that I hear used a lot, and the concept seems pretty simple. Yet it is too frequently misused in place of prototype by junior developers and non developers (management).

From: Steve Neiland: Blog of a Web Developer

Senior Developers vs Master Developers

We need to do away with the term senior developer in the software industry. Here is why I propose we start using the term Master Developer.

From: Steve Neiland: Blog of a Web Developer

Easily Implement UUIDs as Primary Keys in Spring Boot 3

In this tutorial you will learn how to use one of the new features in Jakarta EE 10 in a Spring Boot 3 application.

From: Dan Vega

Happy New Year 2023

Happy New Year! I want to take a few minutes and talk about a few of my priorities as we head into the new year.

From: Dan Vega

2022 Reflections

In this article I am going to spend some time reflecting because I believe it's a good reminder of the good and the bad as I began to set some goals for next year.

From: Dan Vega

Calva, Joyride, and Portal

An updated version of this post describes my latest Calva, Joyride, and Portal setup.

From: Sean Corfield: An Architect's View

Spring Response Entity - How to customize the response in Spring Boot

In this tutorial, you will learn what the ResponseEntity class is and how it can be used to customize the response in your Spring Boot application.

From: Dan Vega

Learning “AWS Backup” Restorations for On-Prem VMWare VMs

CF Webtools has maintained VMWare ESXi guest OS instances, managed by vCenter, for about 7 years.

From: Chris Tierney

What I have been working on: Modal

Long story short: I'm working on a super cool tool called Modal. Please check it out — it lets you run things in the cloud without having to think about infrastructure. Scaling out, scheduling, containerization, using GPUs, setting up webhooks, and all kinds of other stuff.

From: Erik Bernhardsson

deps.edn and monorepos X (Polylith)

This is part of an ongoing series of blog posts about our ever-evolving use of the Clojure CLI, deps.edn, and Polylith, with our monorepo at World Singles Networks.

From: Sean Corfield: An Architect's View

AWS Lambda SnapStart for Spring Developers

AWS Lambda SnapStart is a new performance optimization developed by AWS that can significantly improve the startup time for your applications.

From: Dan Vega

Improving Lucee's QoQ Support Again- now 200% faster

Two years ago, I published this post detailing how I had refactored the Query of Query support in Lucee to be much better and also much faster: https://www.

From: Coders Revolution

What's new in Spring Security 6

In this article we will discuss the new features of Spring Security 6 and create a new Spring Boot 3 project together.

From: Dan Vega

Building AWS Lambda Functions with Java: An Introduction to the AWS Lambda Core Java Library

In this tutorial you will learn how to build AWS Lambda functions with Java using the AWS Lambda Core Java Library.

From: Dan Vega

On ColdFusion, XXE, and other XML Attacks

An IntroductionThis is the first of what may become a few blog posts based on my CFSummit 2022 talk.

From: Hoya Haxa - A Security Research Blog