3 Replies Latest reply on Jun 30, 2015 9:04 AM by Dave Ferguson

    Blind SQL injection vulnerability on scan

    ronboy30

      Any suggestions on how to remediate a blind SQL injection vulnerability? The page in particular has no SQL at all, but the finding says:

      Using the GET HTTP method, Nessus found that : The following resources may be vulnerable to blind SQL injection (time based) :

      "The page parameter of the store.cfm CGI"

      store.cfm?country=0&dodaac=N&page=case_lot_dates';SELECT%20pg_sleep(3);--

      When I execute the code above, nothing happens except that the site error page is displayed. I don't think that I can explain it away as a "false positive". These URL values (country, dodaac, page) are not user input. The values are static. I didn't know whether to try and use the URLEncodedFormat method to eliminate it.

      We are using CF9 in production but going to CF11, which is in dev and test. Any suggestions are greatly appreciated. Thanks.
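
An added example, not part of the original post or of the poster's application: because the three URL values are described as static, the server can enforce that with an allow-list at the top of store.cfm and bind any value that later reaches a query. Everything except the parameter names and the values visible in the scanned URL is an assumption: the second allowed page, the `Y` flag, `application.dsn`, and the table and column names are hypothetical.

```cfml
<!--- Added example; hypothetical top of store.cfm. Values other than those
      visible in the scanned URL are constructed placeholders. --->
<cfparam name="url.country" default="0">
<cfparam name="url.dodaac"  default="N">
<cfparam name="url.page"    default="case_lot_dates">

<!--- The links are static, so the full set of legal page values is known.
      "placeholder_page_two" stands in for the site's other real pages. --->
<cfset allowedPages = "case_lot_dates,placeholder_page_two">
<cfset requestIsValid = true>

<!--- country: digits only, bounded length --->
<cfif NOT reFind("^[0-9]{1,4}$", url.country)>
    <cfset requestIsValid = false>
</cfif>

<!--- dodaac: a single flag; Y is assumed to be the other legal value --->
<cfif NOT listFind("Y,N", url.dodaac)>
    <cfset requestIsValid = false>
</cfif>

<!--- page: exact match against the allow-list, so a value with a trailing
      quote and extra SQL text never gets past this point --->
<cfif NOT listFind(allowedPages, url.page)>
    <cfset requestIsValid = false>
</cfif>

<!--- Reject with an explicit 400 instead of falling through to the site
      error page, so a rejected request is distinguishable in the logs --->
<cfif NOT requestIsValid>
    <cfheader statuscode="400" statustext="Bad Request">
    <cfabort>
</cfif>

<!--- If an included template or component does run a query with one of
      these values, bind it with cfqueryparam instead of concatenating.
      Datasource, table and column names are hypothetical. --->
<cfquery name="qDates" datasource="#application.dsn#">
    SELECT case_lot_date
    FROM   case_lot_dates
    WHERE  country_id = <cfqueryparam value="#url.country#" cfsqltype="cf_sql_integer">
</cfquery>
```

URLEncodedFormat changes how a value is written into a URL; it does not restrict what a request can send, which is why the check here is done on the incoming value.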