Looks that way. Rey
Rick King wrote: > Hey all, > > I just received this email that is generated when there is an error on a site > I built (www.woreitonce.com) > > -------------------E-MAIL-------------------------------- > Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from > tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER. <br>The error occurred on > line 30. > Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 > Firefox/2.0.0.6 > 81.10.46.130 > > /Details.cfm > > ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers)) > > ---------------------E-MAIL------------------------ > > Is this a SQL injection attack? Anything I can do? > > Thanks > Rick > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285485 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
