A CFM to cleanse database records attacked by SQL Injection

This is nothing too fancy, but it may help anyone who has to deal with this issue. Recently a client’s [very old] website was compromised by a SQL injection attack. Every infected record had a script appended to its TEXT field, “body”. Instead of cleaning these manually, as I first thought I would, I came up with this simple CF page.

<!--- Find every record whose body contains the injected tag. The wildcards matter:
      LIKE '<script>' with no % is a plain equality test and would match nothing. --->
<cfquery name="read" datasource="#session.datasource#">
SELECT id, body
FROM news_pr
WHERE body LIKE '%<script>%'
</cfquery>

<cfoutput query="read">
	#id#:
	#findNoCase("<script>", body)#:
	<!--- Keep everything before the first <script> tag; findNoCase is 1-based, so -1 drops the tag itself --->
	<cfset newString = left(body, findNoCase("<script>", body) - 1)>
	#left(newString, 50)#...#right(newString, 100)#
	<br><br>

	<!--- cfupdate takes its column values from the form scope; formFields keeps any other form field out of the UPDATE --->
	<cfset form.body = newString>
	<cfset form.id = read.id>
	<cfupdate tableName="news_pr" dataSource="#session.datasource#" formFields="id,body">

	<cfflush>
</cfoutput>

Quick and dirty, I know. But it worked.

Of course, this only works if the injected material is at the end of the text field, since everything from the first <script> tag onward is discarded.