> Everything is "paramed" to the hilt - I sanitize all form vars BEFORE
> the query, and then use cfqueryparam on top of that ... so I'm guessing
> we're looking at an FTP vulnerability.

What about URL, CGI and Cookie scopes? All of those can cause the same problems.

> Question though - how could an injection attempt on an unprotected query
> add a piece of script to a static page that doesn't even have any
> queries on it?
> I'd kinda like to see what that looked like, if it's possible...

Ask and ye shall receive!

http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-slides

Now, in addition to sanitizing your inputs, there are lots of other
things you can do to limit these vulnerabilities:
- preventing service accounts from writing to the filesystem in the web directory
- limiting the rights of database logins used by your web applications
- limiting the rights of service users generally

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/

Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite.
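As an added illustration of the point above about URL, CGI and Cookie scopes (example code, not from the original post): the same two queries, first with only the form variable parameterised, then with every externally supplied value run through cfqueryparam. The datasource "app_dsn", the tables and the column names are assumed.

```cfml
<!--- Added example, not from the original post. The scopes (form, url,
      cookie, cgi) and cfqueryparam are real ColdFusion; the datasource,
      tables and columns are assumed for illustration. --->
<cfparam name="form.slug" default="">
<cfparam name="url.section" default="main">
<cfparam name="cookie.lang" default="en">

<!--- UNSAFE: only the form variable is bound as a parameter. The cookie
      and URL values are pasted straight into the SQL text, so the query is
      still injectable even though "form vars are paramed". --->
<cfquery name="getPageUnsafe" datasource="app_dsn">
    SELECT id, title, body
    FROM pages
    WHERE slug = <cfqueryparam value="#form.slug#" cfsqltype="cf_sql_varchar">
      AND lang = '#cookie.lang#'
      AND section = '#url.section#'
</cfquery>

<!--- UNSAFE: a logging query that trusts request headers from the CGI
      scope. Headers are attacker-controlled just like form fields. --->
<cfquery datasource="app_dsn">
    INSERT INTO page_views (user_agent, referer)
    VALUES ('#cgi.HTTP_USER_AGENT#', '#cgi.HTTP_REFERER#')
</cfquery>

<!--- HARDENED: every value that originates outside the server is bound
      with cfqueryparam, whichever scope it arrived in. cfsqltype rejects
      values of the wrong type and maxlength bounds oversized input. --->
<cfquery name="getPage" datasource="app_dsn">
    SELECT id, title, body
    FROM pages
    WHERE slug = <cfqueryparam value="#form.slug#" cfsqltype="cf_sql_varchar" maxlength="100">
      AND lang = <cfqueryparam value="#cookie.lang#" cfsqltype="cf_sql_varchar" maxlength="5">
      AND section = <cfqueryparam value="#url.section#" cfsqltype="cf_sql_varchar" maxlength="50">
</cfquery>

<cfif getPage.recordCount GT 0>
    <cfquery datasource="app_dsn">
        INSERT INTO page_views (page_id, user_agent, referer)
        VALUES (
            <cfqueryparam value="#getPage.id#" cfsqltype="cf_sql_integer">,
            <cfqueryparam value="#cgi.HTTP_USER_AGENT#" cfsqltype="cf_sql_varchar" maxlength="512">,
            <cfqueryparam value="#cgi.HTTP_REFERER#" cfsqltype="cf_sql_varchar" maxlength="2048">
        )
    </cfquery>
</cfif>
```

The database login used by "app_dsn" should also hold only the rights these two statements need, which is the second mitigation listed above.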

Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353153