No kidding, I would consider it, if I was getting paid for the site in the first place.
-------------- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA "C code. C code run. Run code run. Please!" - Cynthia Dunning ....-----Original Message----- ....From: Raymond Camden [mailto:[EMAIL PROTECTED] ....Sent: Wednesday, March 02, 2005 12:25 PM ....To: CF-Community ....Subject: Re: Another CF site to hack. .... ....I should get paid for this. ;) Any one want to hire me to go anal on ....your code?? ;) .... .... ....On Wed, 2 Mar 2005 14:24:55 -0600, Raymond Camden <[EMAIL PROTECTED]> ....wrote: ....> Yep. ....> ....> http://www.sierraoutdoorrecreation.com/Locations/Communities.cfm ....> ....> Gave me: ....> ....> Object of type class java.lang.String cannot be used as an array ....> ....> The error occurred in ....> ....D:\Inetpub\wwwroot\SierraOutdoorRecreation.com\wwwroot\Locations\Location ...._Inc.cfm: ....> line 36 ....> ....> 34 : <cfset tempary[1] = listfirst(listlast(cgi.SCRIPT_NAME,"/"),".")> ....> 35 : <cfset tempary[2] = cgi.SCRIPT_NAME> ....> 36 : <cfset temp = Arrayappend(session.breadcrumb,tempary)> ....> 37 : <html> ....> 38 : <head> ....> ....> This was after I had idled for a while, so it looks like the session ....> variable died and your code assumed it would exist. ....> ....> ....> On Wed, 2 Mar 2005 11:31:28 -0800, Ian Skinner ....> <[EMAIL PROTECTED]> wrote: ....> > So can you all tell me the vulnerabilities I have in this site? ....> > ....> > www.sierraoutdoorrecreation.com ....> > ....> > -------------- ....> > Ian Skinner ....> > Web Programmer ....> > BloodSource ....> > www.BloodSource.org ....> > Sacramento, CA ....> > ....> > "C code. C code run. Run code run. Please!" ....> > - Cynthia Dunning ....> > ....> > Confidentiality Notice: This message including any ....> > attachments is for the sole use of the intended ....> > recipient(s) and may contain confidential and privileged ....> > information. Any unauthorized review, use, disclosure or ....> > distribution is prohibited. If you are not the ....> > intended recipient, please contact the sender and ....> > delete any copies of this message. ....> > ....> > .... .... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:5:148947 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
