Cary Gordon wrote:
> CFQueryParam gives you an easy way to validate the query params.  Some 
> clever, bored hackers have figured out how to do things like pass a drop 
> table query through the header.  It is an even easier exploit if you are 
> passing query parameters through the url string.

a simple example: passing the column name instead of a value
can get very damaging

delete from comments where comment_id = #comment_id#

which when #comment_id# = comment_id

means

delete from comments where comment_id=comment_id

or as comment_id=comment_id is always true

actually becomes `delete from comments` -- neat huh?

or with users

update  user
set     password='#password#'
where   user_id=#user_id#

nice way to reset all passwords on the site

z
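An added example (not from the list or either poster) showing the two queries above in Python with SQLite standing in for the ColdFusion datasource: the unparameterized DELETE beside a cfqueryparam-style version that type-checks and binds the value, both run against constructed sample rows so the difference is visible as a row count.

```python
import sqlite3


def make_db():
    """Constructed sample data: three comments in an in-memory SQLite table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (comment_id INTEGER PRIMARY KEY, body TEXT)")
    conn.executemany("INSERT INTO comments VALUES (?, ?)",
                     [(1, "first"), (2, "second"), (3, "third")])
    conn.commit()
    return conn


def delete_comment_unsafe(conn, comment_id):
    """Mirrors 'delete from comments where comment_id = #comment_id#':
    the raw value is spliced into the SQL text and parsed as SQL."""
    conn.execute(f"DELETE FROM comments WHERE comment_id = {comment_id}")
    conn.commit()


def delete_comment_safe(conn, comment_id):
    """The cfqueryparam cfsqltype="cf_sql_integer" equivalent: reject anything
    that is not an integer, then pass it as a bound parameter so the database
    only ever sees it as data, never as SQL text."""
    if not str(comment_id).lstrip("-").isdigit():
        raise ValueError(f"comment_id must be an integer, got {comment_id!r}")
    conn.execute("DELETE FROM comments WHERE comment_id = ?", (int(comment_id),))
    conn.commit()


def rows_left(conn):
    return conn.execute("SELECT COUNT(*) FROM comments").fetchone()[0]


def run(delete_func, comment_id):
    """Apply delete_func to a fresh table; return (rows_left, was_rejected)."""
    conn = make_db()
    try:
        delete_func(conn, comment_id)
    except ValueError:
        return rows_left(conn), True
    return rows_left(conn), False


if __name__ == "__main__":
    print(run(delete_comment_unsafe, "2"))           # (2, False)  normal use
    print(run(delete_comment_unsafe, "comment_id"))  # (0, False)  whole table gone
    print(run(delete_comment_safe, "2"))             # (2, False)
    print(run(delete_comment_safe, "comment_id"))    # (3, True)   rejected before SQL
```

The same tautology applies to the `update user ... where user_id=#user_id#` query; binding `user_id` as an integer parameter closes it the same way.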

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq