Scope Injection in CFML

coldfusion Here is an interesting vulnerability that I have come across several times in real CFML code during code reviews, I have spoken about it at conferences but have never written about it. Since it doesn't really have a name, I call it Scope Injection, you'll see why in a minute.

This entry was:

FuseGuard 2.4 Released

coldfusion I'm pleased to announce the availability of FuseGuard (Web App Firewall For CFML) version 2.4 today! In addition Ortus Solutions (Luis Majano and the folks behind ColdBox) have also announced Ortus FuseGuard Module - a ColdBox module for FuseGuard.

This entry was:

Adobe eSeminar on FuseGuard

coldfusion Adobe has asked me to do an online e-seminar: Protecting ColdFusion Applications with FuseGuard thursday November 3rd at 10am PT / 1pm ET.

If you're curious about FuseGuard and how it works please head over to and register now!

This entry was:

Video: Installing FuseGuard

coldfusion Did you know that it only takes minutes to get FuseGuard up and running? Here's a short video showing how to install and configure FuseGuard - web application firewall for ColdFusion:

What's FuseGuard?

This entry was:

CFMeetup Thursday: Intro to FuseGuard and Web Application Firewalls

coldfusion I will be presenting at the ColdFusion Meetup online user group this Thursday (June 17th) at Noon Eastern Time. The topic: Introduction to FuseGuard and Web Application Firewalls.

This entry was:

FuseGuard Released - Protects your ColdFusion Apps

coldfusion I am happy to announce today the release of FuseGuard Web Application Firewall for ColdFusion!

FuseGuard 2.

This entry was:


did you hack my cf?