this is SQL Injection. most hackers will first use a simple URL hack like this to identify vulnerable websites, their bot will collect the response and flag the ones that gave back the required response. If your site returned what they wanted, in this case SQL server version information, then they will attack you with a whole bunch of other SQL injection scripts that are intended to insert phishing Javascripts calls into your database, which will then be output into your page content on your site, this loading the phishing scripts into your unsuspecting visitors browsers.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348819 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
