Mass SQL injection attack, take four: Yet another wave of SQL injection attacks is exploiting an Adobe Flash vulnerability that appears to be coming from the same series of attacks originating from ...

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...

Last week, Trustwave SpiderLabs discovered a SQL injection vulnerability exploit in widely popular web content management software (CMS) Joomla that allowed for access to administrative areas. Shortly ...

The Joomla CMS project released today Joomla 3.7.1 to fix an SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites. Sucuri analyst Marc ...

Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...

The proof-of-concept exploit is easy to execute, and could foretell wider targeting of the Fortinet vulnerability by attackers. Security researchers have released technical details and a ...

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...

Attack code was published on Friday that exploits a critical vulnerability in the Magento e-commerce platform, all but guaranteeing it will be used to plant payment card skimmers on sites that have ...

Reports that the latest SQL injection exploit may have impacted hundreds of thousands of sites running IIS and SQL Server in recent days has put Microsoft, once again, on the defensive. Redmond's ...