SQL Injection Reminder

Barracuda Networks was recently the victim of a SQL injection attack, as noted on their blog. Today they posted a follow up with some details as to how the attack occurred. And while this was a PHP site, the risk and lessons are just as important for anyone using languages that allow for dynamic SQL creation, including ColdFusion.

One response to “SQL Injection Reminder”

  1. Aaron Neff Avatar
    Aaron Neff

    Barracuda Networks should use cfqueryparam =P

Leave a Reply