I'd go through your whole app and implement CFQueryparam, shut off robust exception information, and implement a sitewide error handler. I've found places that expose SQL that shows where injection is possible.
-Joe On 5/31/05, dave <[EMAIL PROTECTED]> wrote: > like that has a chance in hell but the real page has video controls and mute > button > > ~Dave the disruptor~ > This bottle of lemonaid says "contains no lemon juice" > and the can of Pledge says "contains real lemon juice" > figures @%*((&% > > ---------------------------------------- > From: "Michael T. Tangorre" <[EMAIL PROTECTED]> > Sent: Tuesday, May 31, 2005 7:48 AM > To: CF-Talk <[email protected]> > Subject: RE: anyone bored? > > > From: dave [mailto:[EMAIL PROTECTED] > > and wanna help go thru a site and find bugs? > > There isn't a lot there but mostly concerned with the > > shopping cart (its in test mode cc wont be charged) and cross > > browser issues and just general feedback. > > It's for www.icandfashion.com, if you are up to it lemme > > know and I will send u link off list > > Yikes, I would ditch the sound on the homepage at the link above. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:208054 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
