The query you provided is only retrieving the offending code but would likely not be the source. I'd look at other sources.
1. Check if the javascript is saved in the database along with the feedback. If it is, then start looking at all the places where the feedback is entered. 2. Are you storing the IP address of who left the feedback with the embedded javascript? If you are, you can then check if it's coming from you not clued in user's computer. - Gabriel On Mon, Mar 22, 2010 at 7:46 AM, Anthony Doherty <[email protected]> wrote: > > The Feedback section is entered with an administration section and this is > locked down with a username and password. > > The feedback section is only a text field and the person using the site lets > say is not clued in! > > Throughout the site i have a number of pages that are database driven and the > customer feedback page is the only one that is being effected as all the > other queries are using CFQUERYPARAM for variables. They are amending the > FEEDBACK field and entering a piece of javascript that redirects the user to > a site that contains spyware and malware. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:331934 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
