QueryParam Scanner v0.7.5 Released
Earlier this week I promoted the release candidate for 0.7.5 of QueryParam Scanner to full release.
For anyone unaware, QueryParam Scanner is a simple tool for identifying unparameterised variables in CFML queries (which may indicate a potential SQL injection risk).
This version has a handful of bug fixes and code cleanups, resulting in faster more accurate scanning than previous versions, plus the addition of JSON output format, giving a more lightweight option if used in scripted processes.
For further details on these, see the previous RC article; other than a couple of trivial fixes and a new readme, nothing has changed since that.
To download the latest version, you can either clone the git repo, or grab it as a zip archive from the GitHub tags page.
For any feedback, problems, or questions, please use the issue tracker.