DELETE * FROM person and they will :) On 3/31/06, Dale Fraser <[EMAIL PROTECTED]> wrote: > > Dam, > > That really looks open to SQL Injection, someone should let them know. > > Regards > Dale Fraser > > > -----Original Message----- > > From: [email protected] [mailto:[EMAIL PROTECTED] On > > Behalf Of Chad Renando > > Sent: Friday, 31 March 2006 14:06 PM > > To: [email protected] > > Subject: [cfaussie] tvguide.com.au > > > > > > Crash, bang, boom of a CF site. > > > > I wonder what kind of traffic they get? Might be some job opps > > opening up or maybe just some hosting opportunities maybe? ;) > > > > Chad > > > > -------------------------------------------------------------------------- > > --------------------------------------- > > > > The web site you are accessing has experienced an unexpected error. > > Please contact the website administrator. > > > > The following information is meant for the website developer for > > debugging purposes. > > Error Occurred While Processing Request > > Error Executing Database Query. > > [Macromedia][SQLServer JDBC Driver][SQLServer]Database 'users' cannot > > be opened because it is offline. > > > > The error occurred in D:\web\tvguide.com.au\index.cfm: line 32 > > > > 30 : select person_id, password > > 31 : from users.dbo.person > > 32 : where person_id = #Val(cookie.person_id)# > > 33 : </cfquery> > > 34 : > > > > SQL select person_id, password from users.dbo.person where > > person_id = 2617356 > > DATASOURCE hww_sql > > VENDORERRORCODE 942 > > SQLSTATE HY000 > > Resources: > > > > * Check the ColdFusion documentation to verify that you are using > > the correct syntax. > > * Search the Knowledge Base to find a solution to your problem. > > > > Browser Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.9) > > Gecko/20050711 Firefox/1.0.5 (ax) > > Remote Address 58.104.59.236 > > Referrer > > Date/Time 31-Mar-06 02:01 PM > > Stack Trace > > at cfindex2ecfm1650242660.runPage(D:\web\tvguide.com.au\index.cfm:32) > > at cfindex2ecfm1650242660.runPage(D:\web\tvguide.com.au\index.cfm:32) > > > > java.sql.SQLException: [Macromedia][SQLServer JDBC > > Driver][SQLServer]Database 'users' cannot be opened because it is > > offline. > > at macromedia.jdbc.base.BaseExceptions.createException(Unknown > > Source) > > at macromedia.jdbc.base.BaseExceptions.getException(Unknown Source) > > at > > macromedia.jdbc.sqlserver.tds.TDSRequest.processErrorToken(Unknown Source) > > at > > macromedia.jdbc.sqlserver.tds.TDSRequest.processReplyToken(Unknown Source) > > at macromedia.jdbc.sqlserver.tds.TDSRequest.processReply(Unknown > > Source) > > at > > macromedia.jdbc.sqlserver.SQLServerImplStatement.getNextResultType(Unknown > > Source) > > at > > macromedia.jdbc.base.BaseStatement.commonTransitionToState(Unknown Source) > > at macromedia.jdbc.base.BaseStatement.postImplExecute(Unknown > > Source) > > at macromedia.jdbc.base.BaseStatement.commonExecute(Unknown Source) > > at macromedia.jdbc.base.BaseStatement.executeInternal(Unknown > > Source) > > at macromedia.jdbc.base.BaseStatement.execute(Unknown Source) > > at > > coldfusion.server.j2ee.sql.JRunStatement.execute(JRunStatement.java:212) > > at coldfusion.sql.Executive.executeQuery(Executive.java:719) > > at coldfusion.sql.Executive.executeQuery(Executive.java:652) > > at coldfusion.sql.Executive.executeQuery(Executive.java:613) > > at coldfusion.sql.SqlImpl.execute(SqlImpl.java:236) > > at coldfusion.tagext.sql.QueryTag.doEndTag(QueryTag.java:499) > > at > > cfindex2ecfm1650242660.runPage(D:\web\tvguide.com.au\index.cfm:32) > > at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:152) > > at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:349) > > at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65) > > at > > coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:210) > > at coldfusion.filter.PathFilter.invoke(PathFilter.java:86) > > at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:69) > > at > > coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:52) > > at > > coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersisten > > ceFilter.java:28) > > at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38) > > at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38) > > at > > coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22) > > at > > coldfusion.filter.RequestThrottleFilter.invoke(RequestThrottleFilter.java: > > 115) > > at coldfusion.CfmServlet.service(CfmServlet.java:107) > > at > > coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:78) > > at jrun.servlet.FilterChain.doFilter(FilterChain.java:86) > > at com.seefusion.Filter.doFilter(Filter.java) > > at com.seefusion.SeeFusion.doFilter(SeeFusion.java) > > at jrun.servlet.FilterChain.doFilter(FilterChain.java:94) > > at jrun.servlet.FilterChain.service(FilterChain.java:101) > > at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:91) > > at > > jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42) > > at > > jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:257) > > at > > jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:541) > > at > > jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:20 > > 4) > > at > > jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.jav > > a:318) > > at > > jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:4 > > 26) > > at > > jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java: > > 264) > > at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66) > > > > > > > >
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie -~----------~----~----~----~------~----~------~--~---
