troubleshooting Question

Website Sql Injection Attack

Avatar of Robcarter10
Robcarter10Flag for United States of America asked on
VulnerabilitiesWeb ServersWeb Applications
7 Comments1 Solution365 ViewsLast Modified:
A website that I work on  which is done in coldfusion recently was attacked through a sql injection attack similar to the one in

https://www.experts-exchange.com/Software/Server_Software/Web_Servers/ColdFusion/Q_23631269.html

I have read plenty of advice on how to fix the code. My question is about what someone could accomplish by this. They added a couple of tables and added code in some of the database fields that link to a javascript file. My concern is more about what information they would be able to access. Could they possibly use a select statement to access customer information?
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 7 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros