FuseTalk Hole Considered High Risk
Fusetalk Version 3.0, the current Allaire forums, has a hole that could allow a remote attacker to execute malicious SQL queries on the SQL database. This is classified as "high risk". Anyone using Fusetalk should get the patch, which was made available within three hours of the security hole being discovered. Links to the exploit and the vendor's site below.
FuseTalk 'join.cfm' Form Could Allow the Execution of Malicious SQL Queries
e-Zone Media FuseTalk Form Input Validation Vulnerability (Solution Section)
Latest ColdFusion Talk (CF-Talk)
- Coldfusion + SOAP Attachment !!!!
- Cfgrid Javascript function not working if not put inside <head></head> tags
- onTap Framework FAST Installation videos
- Flummoxed bya simple query
- Cfgrid Javascript function not working if not put inside <hea d></head> tags
- jxl borders and border styles
- SQL injection attack on House of Fusion
- cfhttp and Google Search Appliance
- Repost: cfgrid and cfform enctype="multipart/form-data"
- Web Service Issue , pls help
Latest ColdFusion Jobs (CF-Jobs)
- Alagad Needs a Good Contractor
- Coldfusion Developer 80k -95k Northridge Ca
- Sr Coldfusion Contract Available in Nashville, TN (onsite only)
- ColdFusion Contract opportunity MA
- Part time telecommute project
- ColdFusion Developers / Project Manager in Orange County, CA
- Full-time Coldfusion Developer Needed in Natick, MA
- Coldfusion (with PHP) - In-house, contract position in Los Angeles - NO TELECOMMUTERS
- Coldfusion Developer needed in Palo Alto, CA
- Sr ColdFusion Developer / Oracle DBA - Bethesda, MD
Want a number like 800-ColdFusion?
My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?