Re: [WebDNA] Security

This WebDNA talk-list message is from

2015


It keeps the original formatting.
numero = 112480
interpreted = N
texte = 57 Maybe the server is allowing the file itself to be served. Kind regards Stuart Tremain IDFK Web Developments AUSTRALIA webdna@idfk.com.au > On 22 Oct 2015, at 08:25, Kenneth Grome wrote: > > Does anyone know a way to trick WebDNA into displaying db data in > the browser, perhaps by sending URL parameters that would make > WebDNA behave improperly ... or by some other method that does not > require FTP or SSH or direct server access? > > Wasn't there some kind of bug that allowed this unless specific > measures were taken to prevent it? > > I cannot recall the details but it seems to me that there was > something a regular website visitor could do that would cause > this. I only wish I could remember the details now, but maybe > someone else can ... ? > Regards, > Kenneth Grome > WebDNA Solutions > http://www.webdnasolutions.com > Web Database Systems and Linux Server Administration > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us . Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Security (Stuart Tremain 2015)
  2. [WebDNA] Security (Kenneth Grome 2015)
  3. Re: [WebDNA] Security Problem (Tom Duke 2015)
  4. Re: [WebDNA] Security Problem (Stuart Tremain 2015)
  5. [WebDNA] Security Problem (Stuart Tremain 2015)
  6. [WebDNA] security patches (Olin Lagon 2014)
  7. RE: [WebDNA] Security Groups ("Michael A. DeLorenzo" 2010)
  8. Re: [WebDNA] Security Groups (Govinda 2010)
  9. [WebDNA] Security Groups ("Michael A. DeLorenzo" 2010)
  10. Re: [WebDNA] Security best practice (Donovan Brooke 2009)
  11. Re: [WebDNA] Security best practice (Terry Wilson 2009)
  12. Re: [WebDNA] Security best practice (Clint Davis 2009)
  13. Re: [WebDNA] Security best practice (Terry Wilson 2009)
  14. Re: [WebDNA] Security best practice (Donovan Brooke 2009)
  15. Re: [WebDNA] Security best practice (Donovan Brooke 2009)
  16. [WebDNA] Security best practice ("Tom Duke" 2009)
  17. [BULK] Re: [WebDNA] Security Images (Captcha) ("Psi Prime, Matthew A Perosi " 2008)
  18. Re: [WebDNA] Security Images (Captcha) ( 2008)
  19. Re: [WebDNA] Security Images (Captcha) ("Psi Prime, Matthew A Perosi " 2008)
  20. RE: [WebDNA] Security Images (Captcha) ("Olin Lagon" 2008)
  21. [WebDNA] Security Images (Captcha) ( 2008)
57 Maybe the server is allowing the file itself to be served. Kind regards Stuart Tremain IDFK Web Developments AUSTRALIA webdna@idfk.com.au > On 22 Oct 2015, at 08:25, Kenneth Grome wrote: > > Does anyone know a way to trick WebDNA into displaying db data in > the browser, perhaps by sending URL parameters that would make > WebDNA behave improperly ... or by some other method that does not > require FTP or SSH or direct server access? > > Wasn't there some kind of bug that allowed this unless specific > measures were taken to prevent it? > > I cannot recall the details but it seems to me that there was > something a regular website visitor could do that would cause > this. I only wish I could remember the details now, but maybe > someone else can ... ? > Regards, > Kenneth Grome > WebDNA Solutions > http://www.webdnasolutions.com > Web Database Systems and Linux Server Administration > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > Bug Reporting: support@webdna.us --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us . Stuart Tremain

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Re:Emailer and encryption (1997) Emailer (1997) best way to test for the existence of a parameter in a url (2003) Setting up shop (1997) What am I missing? (1998) credit card - Revised (1997) Pithy questions on webcommerce & siteedit (1997) Text data with spaces in them... (1997) Max Record length restated as maybe bug (1997) WebCat2.0 acgi vs plugin (1997) How do I send a 404 HTTP header ? (2004) WebCatalog for guestbook ? (1997) OT- AS/400 and Macs (2003) [WebDNA] Manual install on Manjaro and MariaDB (2017) Formatting time output (2000) [listfiles] problems (1997) Mac GUI editors (1997) Payment calculator ?? (2000) Logical and or in [hideif] (1997) New public beta available (1997)