SQL Injection attack redux

Posted At : July 24, 2008 2:45 AM | Posted By : Robert Munn
Related Categories: Programming,Security

There is a new bout of SQL injection attacks making the rounds on the Internet right now, and some of these attacks are specifically targeted at sites running on ColdFusion. Check out a post from Ben Forta on the latest SQL injection attacks for more background.

What can you do to protect yourself? The best thing you can do is secure all of the variables in your database queries inside CF with the <cfqueryparam> tag. Using <cfqueryparam> will shut the door on random SQL strings being injected into your applications.

Send |

Digg It! |

Linking Blogs | 148 Views

Comments

There are no comments for this entry.

[Add Comment]

Calendar

Search

Recent Comments

Object instantiation and heap size in ColdFusion
Estetik said: Thank you very much for this interesting Article and for sharing your thoughts with us. [More]

Object instantiation and heap size in ColdFusion
plastik cerrahi said: Leah is definitely the one who should win. Science Fiction Conventions? What?! She deserves a win, i... [More]

Connecting to a TLS-enabled mail server in ColdFusion
tasah said: http://www.cce.ufl.edu/LE... [More]

Linux Virtualization Using KVM - Tackling the /dev/fb0 not found issue
Gabriel said: I want to thank you too. Your article was one of several that led me right while trying to get kvm g... [More]

Vista Experiences
Nat Papovich said: That's a lot of tech jargon. How about getting a macbook? I made the switch and it was easy. I run X... [More]

Recent Entries

Bolt - The new CF IDE
Live Search Experiences

Subscribe

Enter your email address to subscribe to this blog.

RSS

Archives By Subject

Business (13) [RSS]
ColdFusion (3) [RSS]
Databases (1) [RSS]
Enterprise 2.0 (4) [RSS]
Enterprise Search (5) [RSS]
Flex (1) [RSS]
IT Evolution (18) [RSS]
IT Governance (2) [RSS]
Linux (6) [RSS]
Open Source (12) [RSS]
Programming (22) [RSS]
Security (4) [RSS]
SOA (5) [RSS]
Web 2.0 (6) [RSS]
Windows (2) [RSS]

Tags

business it evolution open source programming

NAVIGATION

Home

BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.