Re: [WebDNA] Security

This WebDNA talk-list message is from

2015


It keeps the original formatting.
numero = 112480
interpreted = N
texte = 57 Maybe the server is allowing the file itself to be served. Kind regards Stuart Tremain IDFK Web Developments AUSTRALIA webdna@idfk.com.au > On 22 Oct 2015, at 08:25, Kenneth Grome wrote: > > Does anyone know a way to trick WebDNA into displaying db data in > the browser, perhaps by sending URL parameters that would make > WebDNA behave improperly ... or by some other method that does not > require FTP or SSH or direct server access? > > Wasn't there some kind of bug that allowed this unless specific > measures were taken to prevent it? > > I cannot recall the details but it seems to me that there was > something a regular website visitor could do that would cause > this. I only wish I could remember the details now, but maybe > someone else can ... ? > Regards, > Kenneth Grome > WebDNA Solutions > http://www.webdnasolutions.com > Web Database Systems and Linux Server Administration > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us . Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Security (Stuart Tremain 2015)
  2. [WebDNA] Security (Kenneth Grome 2015)
  3. Re: [WebDNA] Security Problem (Tom Duke 2015)
  4. Re: [WebDNA] Security Problem (Stuart Tremain 2015)
  5. [WebDNA] Security Problem (Stuart Tremain 2015)
  6. [WebDNA] security patches (Olin Lagon 2014)
  7. RE: [WebDNA] Security Groups ("Michael A. DeLorenzo" 2010)
  8. Re: [WebDNA] Security Groups (Govinda 2010)
  9. [WebDNA] Security Groups ("Michael A. DeLorenzo" 2010)
  10. Re: [WebDNA] Security best practice (Donovan Brooke 2009)
  11. Re: [WebDNA] Security best practice (Terry Wilson 2009)
  12. Re: [WebDNA] Security best practice (Clint Davis 2009)
  13. Re: [WebDNA] Security best practice (Terry Wilson 2009)
  14. Re: [WebDNA] Security best practice (Donovan Brooke 2009)
  15. Re: [WebDNA] Security best practice (Donovan Brooke 2009)
  16. [WebDNA] Security best practice ("Tom Duke" 2009)
  17. [BULK] Re: [WebDNA] Security Images (Captcha) ("Psi Prime, Matthew A Perosi " 2008)
  18. Re: [WebDNA] Security Images (Captcha) ( 2008)
  19. Re: [WebDNA] Security Images (Captcha) ("Psi Prime, Matthew A Perosi " 2008)
  20. RE: [WebDNA] Security Images (Captcha) ("Olin Lagon" 2008)
  21. [WebDNA] Security Images (Captcha) ( 2008)
57 Maybe the server is allowing the file itself to be served. Kind regards Stuart Tremain IDFK Web Developments AUSTRALIA webdna@idfk.com.au > On 22 Oct 2015, at 08:25, Kenneth Grome wrote: > > Does anyone know a way to trick WebDNA into displaying db data in > the browser, perhaps by sending URL parameters that would make > WebDNA behave improperly ... or by some other method that does not > require FTP or SSH or direct server access? > > Wasn't there some kind of bug that allowed this unless specific > measures were taken to prevent it? > > I cannot recall the details but it seems to me that there was > something a regular website visitor could do that would cause > this. I only wish I could remember the details now, but maybe > someone else can ... ? > Regards, > Kenneth Grome > WebDNA Solutions > http://www.webdnasolutions.com > Web Database Systems and Linux Server Administration > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us . Stuart Tremain

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Redirect frame targets (1998) quantity minimum problem (1997) read and write you own cookies with webcat (1997) [WebDNA] Fwd: TCPConnect DATA= REQUEST_DENIED You must use an API key to (2019) Forms to db's and back (2005) sort problems....bug or brain fart? (1997) Smart caching problems with 2.1b3? (1997) test (2005) Just Testing (1997) Word Breaks (1998) breaking words (1997) Semi OT: IE losing info from forms when back button is used (2005) Forbidden CGI Error (1997) Running 2 two WebCatalog.acgi's (1996) Help! WebCat2 bug (1997) Re:Signal Raised (1997) [WebDNA] To be or not to be friendly (URLs) (2011) RE: Automatic Forwarding using WebCat (1997) No luck with taxes (1997) Looking for WebCat web hoster in Chicago/Illinois/Midwest (2000)