CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
CMS Wire

SQL Injection and Little Bobby Tables: How to Protect Your CMS

If your eyes glazed over at the recent announcement of an “SQL injection” vulnerability in WordPress, take heart. You’re not alone. SQL injection attacks are a common kind of security flaw, but are ...
Bleeping Computer

CISA urges software devs to weed out SQL injection vulnerabilities

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security ...
Threat Post

Drupal Fixes Highly Critical SQL Injection Flaw

Drupal has patched a critical SQL injection vulnerability in version 7.x of the content management system that can allow arbitrary code execution. Drupal has patched a critical SQL injection ...
Visual Studio Magazine

IIS Tool Filters SQL-Injection Attacks

Microsoft’s UrlScan 3.0 is an improved security filter for Internet Information Services Web server designed to prevent SQL-injection attacks. Microsoft released an improved security filter for its ...