Didn't know about that IP. Thanks They got in through some code that was written literally 10 years ago on one of the clients forgotten sites. I've fixed up the cfquery tags and added my anti-injection code to the whole dir.
Thanks -- Michael On Tue, Jan 12, 2010 at 6:31 PM, Jerry Johnson <jmi...@gmail.com> wrote: > > Yes. > > All from ip 91.212.226.161 > > Which we have blocked at our firewall. > > Annoying, but we saw these coming 2 summers ago, and took steps. > > > > On Tue, Jan 12, 2010 at 6:05 PM, Michael Dinowitz < > mdino...@houseoffusion.com> wrote: > >> >> Has anyone seen any recent SQL injection attacks on their sites or in >> the wild? I just cleaned a bunch of JS and other code from a clients >> DB. Most of the scripts were running those fake anti-virus popups but >> some had other things like lung cancer scams. >> >> Anyone see anything? >> >> Thanks >> >> -- >> Michael >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:329610 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4