| Subject: | Re: verynx SQL injection attack |
|---|---|
| From: | "Kronin555" <webforumsuser@xxxxxxxxxxxxxx> |
| Date: | Wed, 23 Jul 2008 21:06:20 +0000 (UTC) |
| Newsgroups: | macromedia.coldfusion.server_administration |
> I wondered if there is/will be a patch to remove this vulnerablility from CF7 ? It's not a vulnerability in CF7. It's a vulnerability of poorly-written code. Anytime you don't validate the data users are submitting before sending it to the database, or use best-practices like cfqueryparam'ing all your query variables, you are vulnerable to this. This isn't unique to CF, it affects ASP.NET, PHP, JSP, etc. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Debugging mode, JFedSolo |
|---|---|
| Next by Date: | Re: verynx SQL injection attack, UniWebDude |
| Previous by Thread: | Re: verynx SQL injection attack, Ian Skinner |
| Next by Thread: | Re: verynx SQL injection attack, UniWebDude |
| Indexes: | [Date] [Thread] [Top] [All Lists] |