I am running an environment which uses ColdFusion 5.0 as the application server. I was trying to replicate, in a test environment, what is described as "The Deadly Database Exploit".
My SQL ...
http://www.experts-exchange.com/Software/Server_Software/Web_Servers/ColdFusion/Q_20277425...
Zones: Cold... Date Answered: 03/21/2002 Rating: 7.2 Views: 0
Functions.php is just for checking the fields.
What I need is a script that will help me to solve my CSS vulnerability. I am not sure if I have to use htmlentities or htmlspecialchars.
This form ...
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/Q_23773478.htm...
Zones: PHP Date Answered: 09/29/2008 Rating: 9.2 Views: 0
What is the best way to prevent cross site scripting?
If a user enters an encoded value like %3c for <, how to track this?
Please provide examples.
http://www.experts-exchange.com/Programming/Languages/Java/Q_24034607.html
Zones: Java Date Answered: 01/15/2009 Rating: 6.8 Views: 0
Question: Is the massive Twitter cross-site scripting error reported by Dave Naylor a valid issue? Dave has a video showing the vulnerability, along with two blog articles explaining the problem....
http://www.experts-exchange.com/Virus_and_Spyware/Latest_Threats/Q_24684543.html
My ISP is telling me that my site is generating too many errors. I know they are because of the HackerSafe testing. I think I've fixed my "SQL Injection" vulnerabilities, so now it's on to cross si...
http://www.experts-exchange.com/Web_Development/Software/ColdFusion_Studio/Q_22567751.html
_LASTFOCUS, a default parameter in ASP.NET 2.0, is vulnerable to reflective cross site scripting (CSS).
One suggested solution was to apply the patch MS06-056/KB922770 on the server. (Downloadabl...
http://www.experts-exchange.com/Programming/Languages/.NET/ASP.NET/Q_24532727.html
I'm trying to decide how far I should let WYSIWYG capabilities go on my site. From any tests I've seen, done, or read about, HTML Purifier, which I'm using, is as bulletproof as it says. I thought...
http://www.experts-exchange.com/Internet/Web_Development/Q_24764814.html
I need to adhere to some bullshit PCI compliance. The app is written in ColdFusion. From what I've found on the web I gotta somehow check an url parm to make sure it doesn't have any html in i...
http://www.experts-exchange.com/Security/Vulnerabilities/Q_24153263.html
Hi all,
The testing people have scanned the application, i.e. (machine test), and found that the test successfully embedded a script in the response, and it will be executed once the page is loaded...
http://www.experts-exchange.com/Software/Server_Software/Web_Servers/ColdFusion/Q_24179854...
Zones: Cold... Date Answered: 03/03/2009 Rating: 9.7 Views: 19
I have started using Server.HtmlEncode to add some kind of security to my little apps. They work fine with it, but I want to verify it's actually encoding so I can show the boss. Is there a way t...
http://www.experts-exchange.com/Programming/Languages/C_Sharp/Q_24361592.html