Protecting ColdFusion Applications Against SQL Injection Attacks
I just saw this article on the Adobe Developer Center written by Ryan Wagener discussing what SQL injection attacks are and how to prevent them in your ColdFusion applications. If you are a new developer who does not understand the ramifications of a SQL injection attack, then this is a must read. ColdFusion has quite a few built in mechanisms that you can use throughout your code to help prevent these attacks. As Ryan pointed out in his article, it's up to the developer to prevent these attacks. In other words, it's up to YOU to write your code in a way that makes these attacks a mute point for your application. Any language can fall prey to these attacks, not just ColdFusion. Whatever language you program in, you should learn the methods to prevent these attacks.