> Is is still possible to injection hack a site that is using the > REACTOR framework?
If you're using it the way it was designed to be used, probably not. There's a short list of things you should avoid with DataFaucet on the wiki and probably a very similar list would apply with Reactor. Here's the list for DataFaucet: http://datafaucet.wikispaces.com/SQL+Injection Hopefully you should be able to extrapolate from that if you're doing anything with Reactor that might make you vulnerable. :) -- s. isaac dealey ^ new epoch isn't it time for a change? ph: 781.769.0723 http://onTap.riaforge.org/blog ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312512 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
