After reading the following pages... The Unexpected SQL Injection - When Escaping Is Not Enough http://webappsec.org/projects/articles/091007.shtml
SQL Injection Cheat Sheet http://ferruh.mavituna.com/makale/sql-injection-cheatsheet/ I wonder if our beloved <cfqueryparam> and <cfprocparam> are strong enough to defend all of the attacks mentioned in the pages above. Would any CF security expert please comment on this? Thanks! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Get involved in the latest ColdFusion discussions, product development sharing, and articles on the Adobe Labs wiki. http://labs/adobe.com/wiki/index.php/ColdFusion_8 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:290814 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
