isnt it where you can take a form field and rather than posting comments, actually post sql code, and with your submission potentially start an sql command that might actually be malicious?
tw On 5/30/06, Jacob <[EMAIL PROTECTED]> wrote: > So, every ColdFusion programmer I have interviewed does not know what SQL > injection is... > > This is going to be fun. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:5:207741 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
