Is your ColdFusion Administrator Actually Public?

coldfusion Every so often I get an email back from someone who ran HackMyCF.com saying something like this:

Your scanner says our ColdFusion Administrator is publicly accessible, but I don't think that's true.


This entry was:

HackMyCF.com Now Detects BlazeDS Vulnerability

coldfusion I've just finished updating the HackMyCF.com ColdFusion security scanner to detect the BlaseDS Vulnerability APSB10-05 announced in February 2010. As you hopefully know, this vulnerability also effects ColdFusion 7-9, because it has BlaseDS installed by default.


This entry was:

How to tell if a site takes security seriously

misc Here are some easy ways you can tell if a particular site is serious about security:


This entry was:

foundeo


did you hack my cf?