Inspiring
November 18, 2010
Question

Inputting -1 in form submission

Hi All,

I appear to have someone who is submitting forms on our website and keeps including "-1" in various fields. They're even appearing in hidden fields passed on in the form.

Some examples:

You have received feedback for image: _sep_2008_ 128.jpg in category crops - -1'

Did I find it useful?: yes,no
Im a: teacher,student,pupil,other

Comment:

You have received feedback for image: -1' in category crops - oilseeds

Did I find it useful?: yes,no
Im a: teacher,student,pupil,other

Comment:

You have received feedback for image: _sep_2008_ 128.jpg in category -1' - oilseeds

Did I find it useful?: yes,no
Im a: teacher,student,pupil,other

Comment:

The time between the form submissions and the data returned does look like some kind of automated submission.

Is anyone aware of an "attack" like this on a ColdFusion server?

Best wishes

Trevor

    Participating Frequently
    November 18, 2010

    The -1 is just a placeholder, I would guess what they're really testing is the ' after it, looking for SQL injection weakness. And, yes, I get a few of these in URLs every day or so, but no biggie so long as CFQUERYPARAM is doing its job (which it is, for me).

    Participating Frequently
    November 18, 2010

    I wouldn't worry much about it - unless you're not using <cfqueryparam> on your inserts.

    Inspiring
    November 18, 2010

    Hummmmm, reading up on it now. Thanks for your help

    Trevor

    12Robots
    Participating Frequently
    November 18, 2010

    I see this all the time in server logs.  I think it is a bot/script fishing for attack surface info (i.e. error messages) and/or forms that will allow bot submits.

    I do not think this would not be anything specifically against ColdFusion.

    Jason
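
Why the trailing quote in `-1'` is the real test, and why bound parameters make it harmless, shown as an added example that is not part of the original thread. It uses Python's `sqlite3` in place of a ColdFusion datasource; the `feedback` table and the function names are hypothetical, and the `?` placeholders play the role `<cfqueryparam>` plays in CFML.

```python
import sqlite3

PROBE = "-1'"  # the value seen in the form fields in this thread


def make_db():
    """In-memory table standing in for the feedback form's store (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE feedback (image TEXT, category TEXT)")
    return db


def insert_concatenated(db, image, category):
    """Unsafe pattern: form values are pasted straight into the SQL text."""
    sql = "INSERT INTO feedback (image, category) VALUES ('%s', '%s')" % (image, category)
    try:
        db.execute(sql)
        return "ok"
    except sqlite3.Error as exc:
        # If this error reaches the client, the scanner learns that the quote
        # reached the SQL parser. Log it server-side and return a generic page.
        return "sql error: %s" % exc


def insert_bound(db, image, category):
    """Safe pattern: values are sent as bound parameters, never parsed as SQL."""
    try:
        db.execute("INSERT INTO feedback (image, category) VALUES (?, ?)",
                   (image, category))
        return "ok"
    except sqlite3.Error as exc:
        return "sql error: %s" % exc


def stored_rows(db):
    """Return everything currently in the table."""
    return db.execute("SELECT image, category FROM feedback").fetchall()


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", insert_concatenated(db, PROBE, "oilseeds"))
    print("bound:       ", insert_bound(db, PROBE, "oilseeds"))
    print("rows:        ", stored_rows(db))
```

With the bound version the probe is stored as the literal text `-1'`, which matches the harmless-looking feedback e-mails quoted in the question.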