I have a Cold Fusion website. It has recently been getting SQL injection attacks. I need my CFQUERY coding fixed with? cfqueryparam tags and possibly some conditional coding. This would require fixing approximately? 70 CFQUERY's throughout.
There is free? software out there that does most of the work automatically. One is called QueryParam Scanner and the other is? **Parameterize-your-queries-without-lifting-a-finger**.? You can use these packages? to dramatically speed up the process of finding? and fixing the CFQUERY tags.
If you already have experience with this issue, then this job should be very straightforward.
## Deliverables
I am open to suggestions on how to fix this security problem. Basically, the code must NOT allow and prevent SQL Injections to my website.