With a little side of applesauce...

Monday, July 21, 2008

Coldfusion - SQL injection attack

Pretty interesting SQL injection attack:
http://www.coldfusionmuse.com/index.cfm/2008/7/18/Injection-Using-CAST-And-ASCII

It describes the attack, and the fix. (Always use CFQUERYPARAM).

No comments: