ZDNet

phpMyAdmin Plugs SQL Injection, XSS Flaws

A new version of phpMyAdmin has been released to plug two serious security holes that could lead to SQL injection and cross-site scripting attacks. According to an advisory from the maintainers of the ...
InfoWorld

Video: How to hack PHP sites with SQL injection

PHP is a very handy — and widespread — Web programming language. But as Tom Scott demonstrates in the video below, it’s also quite vulnerable to a basic SQL injection attack that could give a hacker ...
Computerworld

Drupal releases patch for serious SQL injection flaw

Drupal has released a patch for a highly critical flaw in its content management system, which could allow rogue code to run. Drupal, which is a volunteer open-source project whose software is used by ...
Threat Post

Joomla Update Patches Critical SQL Injection Vulnerability

Joomla released a new version of its CMS Thursday, 3,4,5, that addresses a critical SQL injection vulnerability that could have let attackers gain access to data in the backend of any site running the ...
Computerworld

MySQL website falls victim to SQL injection attack

Oracle’s MySQL.com customer website was apparently compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site’s users. Taking credit for ...
The Verge

Researchers say a bug let them add fake pilots to rosters used for TSA checks

TSA security could be easily bypassed by using a simple SQL injection technique, say security researchers. TSA security could be easily bypassed by using a simple SQL injection technique, say security ...