Well, if it wasn't cfqueryparam, I don't see any issues in the SQL that would cause ... anything.
Am I missing something here? If it wasn't scrubbed, what would it do? On Fri, Nov 18, 2011 at 9:02 AM, Wil Genovese <[email protected]> wrote: > > No clue what they are after, but I have been seeing that in my error > notification alerts the week. Good old cfqueryparam has been working like a > charm! > > > > Wil Genovese > Sr. Web Application Developer/ > Systems Administrator > CF Webtools > www.cfwebtools.com > > [email protected] > www.trunkful.com > > On Nov 18, 2011, at 10:57 AM, "Claude Schnéegans > <schneegans"@internetiq.trunkful.com wrote: > >> >> Hi, >> >> Since a few days, I have all my sites receiving requests in which a string >> like "/**/or/**/1=@@version)--" is added in the URL. >> >> Has someone any idea what this guy is actually trying to do ? >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348812 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
