Threat Post

phpMyAdmin Plugs SQL Injection, XSS Flaws

A new version of phpMyAdmin has been released to plug two serious security holes that could lead to SQL injection and cross-site scripting attacks. According to an advisory from the maintainers of the ...
Computerwoche Online

SQL injection attacks led to massive data breaches

This week's disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web ...
ZDNet

SQL injection flaw opens Drupal sites to attack

The Drupal security team is reporting that versions of Drupal 7 prior to 7.32 are vulnerable to a "Highly Critical" SQL injection bug. Version 7.32 is now available to address the bug and the Drupal ...
Threat Post

WordPress Delivers Second Patch For SQL Injection Bug

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL-injection attack. A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and ...
Computerworld

Drupal releases patch for serious SQL injection flaw

Drupal has released a patch for a highly critical flaw in its content management system, which could allow rogue code to run. Drupal, which is a volunteer open-source project whose software is used by ...
GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...