Read this: http://www.coldfusionmuse.com/index.cfm/2008/7/18/Injection-Using-CAST-A nd-ASCII
~Brad -----Original Message----- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Monday, July 21, 2008 9:55 AM To: CF-Talk Subject: (ot) URL Hack Attempt Leaves Me Scractching My Head... Just was looking at a 'user monitor' page on one of my sites and I saw the url string below being called. I've seen several sql injection urls before, but what the heck are they trying to accomplish here? Eeverything is cfqueryparam'ed. Thanks, Che ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309331 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
