More on ColdFusion hacks
来源:http://isc.sans.org/diary.html?storyid=6730
Thanks to our reader Adam we received some additional information regarding recent ColdFusion hacks.
As I wrote in the previous diary (http://isc.sans.org/diary.html?storyid=6715), the attackers are exploiting vulnerable FCKEditor installations, which come enabled by default with ColdFusion 8.0.1 as well as some other ColdFusion packages.
阅读全文 »
