When I try to login I get an error: The cause of this output exception was that: coldfusion.tagext.sql.QueryParamTag$InvalidDataException: Invalid data
I was able to do this because the username field doesn't have a limit to the field size, so I send a value so large it broke it. Because of this I was able to get a look at a portion of your application.cfm and see how the authentication query works. One of the most important things is to ensure that even if your forgot to check something specific, the end user should never get an error like that. > -----Original Message----- > From: Ian Skinner [mailto:[EMAIL PROTECTED] > Sent: Wednesday, March 02, 2005 2:31 PM > To: CF-Community > Subject: Another CF site to hack. > > So can you all tell me the vulnerabilities I have in this site? > > www.sierraoutdoorrecreation.com > > -------------- > Ian Skinner > Web Programmer > BloodSource > www.BloodSource.org > Sacramento, CA > > "C code. C code run. Run code run. Please!" > - Cynthia Dunning > > Confidentiality Notice: This message including any > attachments is for the sole use of the intended > recipient(s) and may contain confidential and privileged > information. Any unauthorized review, use, disclosure or > distribution is prohibited. If you are not the > intended recipient, please contact the sender and > delete any copies of this message. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:5:148908 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
