Let me just jump in with a quick question or two about this...

Is this something that using cfqueryparam doesn't take care of?
Is this a serious enough problem that we need to use such measures
as Portcullis to defend our sites?

I do see "form injection" attempts at times through forms on my
clients' sites, but they've always been caught by cfqueryparam
and haven't caused any problems.

Rick

> -----Original Message-----
> From: Gerald Guido [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, July 22, 2008 9:23 AM
> To: CF-Talk
> Subject: Re: (ot) URL Hack Attempt Leaves Me Scratching My Head...
> 
> I saw this on the Riaforge update today. Looks like a SQL Jimmy wrapper for
> your site.
> 
> http://portcullis.riaforge.org/
> --------------------------
> Portcullis is a CFC based url,form,cookie filter to help protect against SQL
> Injection and XSS (Cross Site Scripting) attacks. This CFC can help filter
> input, strip tags and escape HTML based on internal settings. It can also
> log attacks and temporarily block future attempts based on a set time limit.
> Portcullis can be installed into any ColdFusion application as a simple
> shared scoped singleton.
> 
> 1.0.5 (7/21/2008) - Added some key words to block the popular CAST()/ASCII
> injection attack. Also, fixed a bug reported if ampersands are in the url
> string it sometimes mixes up the variable naming
> -------------------------------
> 
> 1.0.5 was updated yesterday. Coincidence? I think not. ;)
> 
> ~G~
> 
> 
> --
> "If everything seems under control, you're not going fast enough"
> -- Mario Andretti
> 
> 
> 
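
The two controls the thread is comparing sit at different layers, and the following added example (written for this note; it is neither Portcullis's code nor anything posted in the thread) shows both side by side. The datasource "mydsn", the table "articles" and the keyword list are assumptions made up for illustration.

```cfml
<!--- Assumed for illustration: datasource "mydsn", table "articles" --->

<!--- Vulnerable form: the raw url.id is pasted into the SQL text, so a value
      such as "1;DECLARE @S VARCHAR(4000);..." becomes part of the statement --->
<cfquery name="byId" datasource="mydsn">
    SELECT id, title FROM articles WHERE id = #url.id#
</cfquery>

<!--- Parameterised form: the value is bound as a typed parameter. The SQL text
      is fixed at compile time, and a non-integer value raises an error instead
      of altering the query --->
<cfquery name="byId" datasource="mydsn">
    SELECT id, title FROM articles
    WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- Request-level screen in the spirit of a url/form filter: reject and log a
      request whose values carry the CAST()/hex-literal shape before any query
      runs. The patterns are a constructed, illustrative list, not Portcullis's
      rule set, and a keyword screen is a crude second layer, not a substitute
      for cfqueryparam --->
<cffunction name="looksLikeSqlInjection" returntype="boolean" output="false">
    <cfargument name="value" type="string" required="true">
    <cfset var patterns = ["DECLARE\s+@", "CAST\s*\(", "EXEC\s*\(",
                           "ASCII\s*\(", "0x[0-9A-Fa-f]{16,}"]>
    <cfset var p = "">
    <cfloop array="#patterns#" index="p">
        <cfif reFindNoCase(p, arguments.value)>
            <cfreturn true>
        </cfif>
    </cfloop>
    <cfreturn false>
</cffunction>

<!--- Check every url and form value on the way in --->
<cfset var key = "">
<cfloop collection="#url#" item="key">
    <cfif looksLikeSqlInjection(url[key])>
        <cflog file="injection" text="Blocked url.#key# from #cgi.remote_addr#">
        <cfabort>
    </cfif>
</cfloop>
<cfloop collection="#form#" item="key">
    <cfif looksLikeSqlInjection(form[key])>
        <cflog file="injection" text="Blocked form.#key# from #cgi.remote_addr#">
        <cfabort>
    </cfif>
</cfloop>
```

With cfqueryparam in place the attack string never changes the statement, which is why a site that parameterises every query sees the attempts in its logs but takes no damage. The keyword screen only adds early rejection and logging of the noisy, well-known pattern, at the cost of occasional false positives on legitimate text that happens to contain a matched word.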

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309455