If You're Running an Intranet Connections Lucee Instance, Ensure That You've Change the Default Lucee Admin Password

Last week, researchers at Sprocket Security wrote about post-exploitation in Lucee via malicious extensions.

From: Hoya Haxa - A Security Research Blog

If You're Running an Intranet Connections Lucee Instance, Ensure That You've Change the Default Lucee Admin Password

Last week, researchers at Sprocket Security wrote about post-exploitation in Lucee via malicious extensions.

From: Hoya Haxa - A Security Research Blog

ColdFusion searchImplicitScopes and APSB24-14

Adobe has published a ColdFusion Security Hotfix APSB24-14 today which describes "a critical vulnerability that could lead to arbitrary file system read".

From: Pete Freitag's Homepage

ColdFusion searchImplicitScopes and APSB24-14

Adobe has published a ColdFusion Security Hotfix APSB24-14 today which describes "a critical vulnerability that could lead to arbitrary file system read".

From: Pete Freitag's Homepage

What Does ColdFusion's verifyClient() Do?

I recently saw a ColdFusion question about verifyClient and remote CFC functions.

From: Hoya Haxa - A Security Research Blog

What Does ColdFusion's verifyClient() Do?

I recently saw a ColdFusion question about verifyClient and remote CFC functions.

From: Hoya Haxa - A Security Research Blog

What Does ColdFusion's verifyClient() Do?

I recently saw a ColdFusion question about verifyClient and remote CFC functions.

From: Hoya Haxa - A Security Research Blog

Come Learn About Web Components!

Did you miss the Adobe ColdFusion Summit in Las Vegas last year? Still bummed about missing all the rad content? You're in luck!  Adobe is currently running the ColdFusion Online Summit 2024 -- it's the same (I think) sessions that were done in Las Vegas, but on line so you can watch from the c...

From: South of Shasta: Software Development, Web Design, Training

Come Learn About Web Components!

Did you miss the Adobe ColdFusion Summit in Las Vegas last year? Still bummed about missing all the rad content? You're in luck!  Adobe is currently running the ColdFusion Online Summit 2024 -- it's the same (I think) sessions that were done in Las Vegas, but on line so you can watch from the c...

From: South of Shasta: Software Development, Web Design, Training

Come Learn About Web Components!

Did you miss the Adobe ColdFusion Summit in Las Vegas last year? Still bummed about missing all the rad content? You're in luck!  Adobe is currently running the ColdFusion Online Summit 2024 -- it's the same (I think) sessions that were done in Las Vegas, but on line so you can watch from the c...

From: South of Shasta: Software Development, Web Design, Training

Thinking Defensively About Three Recent Lucee Vulnerabilities

Last week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS).

From: Hoya Haxa - A Security Research Blog

Thinking Defensively About Three Recent Lucee Vulnerabilities

Last week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS).

From: Hoya Haxa - A Security Research Blog

Thinking Defensively About Three Recent Lucee Vulnerabilities

Last week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS).

From: Hoya Haxa - A Security Research Blog