Social engineering can be much more effective, and harder to code for. ~Brad
-----Original Message----- From: Ian Skinner [mailto:[EMAIL PROTECTED] Sent: Monday, August 07, 2006 12:43 PM To: CF-Talk Subject: RE: Good script to prevent cross-site scripting & sql injection? I was under the impression that CFQUERYPARAM took care of all of the SQL injection possibilities. ------ All that I know of, but I understand hacker types to often be very creative and intelligent people. I always assume that they have, or will someday, figure out new attacks. The hope being that the attacks are so convoluted and time consuming to usually not be worth it. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:249035 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4