My guess is that you're using CFencrypt on a variable before you pass it through a query param. Is this the case?
Kevin -----Original Message----- From: David Delbridge [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 24, 2005 10:57 AM To: CF-Talk Subject: Security Issue? Hi all, Does anybody recognize this URL string pattern (%C2%A0%C2%A0It) as a security exploit? For example: http://www.mywebsite.com/form.cfm?ID=89%C2%A0%C2%A0It It produces the following error in CF: Incorrect syntax near '�'. SQL = "select * from DbName where (ID = 89� � It)" I've received a few of these in the past 24 hours, all from Inktomi's IP block. A Google search turns up nothing useful. Any ideas? Dave -- David M. Delbridge Circa 3000 ColdFusion Hosting http://www.circa3k.com 866-CIRCA3K (247-2235) Outside U.S: +1.775-832-2445 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:207539 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
