On Sun, Jun 16, 2013 at 9:45 AM, Russ Michaels <[email protected]> wrote:
> > if your only dealing with images and are stopping all other file types > being uploaded then what is the issue with allowing them to be uploaded to > the website ? > Check out what happened to me. http://www.raymondcamden.com/index.cfm/2009/9/21/How-Galleon-was-Hacked I thought I was secure since I was - literally - in the next line of CFML checking the extensions and deleting - but someone was able to abuse this via a script. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:355946 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
