ios that the product that is done with servlets and requires to make configuration changes to your JRUN servlet mappings? Absolute nightmare that, especially if your on a shared host.
Russ -----Original Message----- From: "Munson, Jacob" <[EMAIL PROTECTED]> To: CF-Talk <[email protected]> Date: Thu, 27 Apr 2006 09:45:55 -0600 Subject: RE: CartWeaver SQL injection holes > > On 4/26/06, James Holmes <[EMAIL PROTECTED]> wrote: > > As I thought (and you pointed out), they failed to use cfqeuryparam. > > It still amazes me that anyone would consider this a good idead. > > Oh, did you get your hands on a copy and check it out? It surprises me > that this wasn't noticed earlier...but most people probably just buy > CartWeaver and plug it in. I'm not even sure how widely it's used. > > > ---------- > > This transmission may contain information that is privileged, > confidential and/or exempt from disclosure under applicable law. If you > are not the intended recipient, you are hereby notified that any > disclosure, copying, distribution, or use of the information contained > herein (including any reliance thereon) is STRICTLY PROHIBITED. If you > received this transmission in error, please immediately contact the > sender and destroy the material in its entirety, whether in electronic > or hard copy format. Thank you. A1. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:238904 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
