sql-injection Archives

MOVEit Transfer breaches are a perfect storm of application security risks

SQL injection vulnerability in MOVEit Transfer leads to data breaches worldwide

Real-Life Vulnerabilities Reported by Invicti

Fragmented SQL Injection Attacks – The Solution

What is SQL injection? The SQL injection vulnerability allows malicious hackers to inject arbitrary code in SQL queries, thus being able to directly retrieve and alter data stored in a website’s database.

SQL injection cheat sheet

New SQL Injection in Joomla! CMS Allows Attackers Full Administrative Privileges When Exploited

This posts gives you an overview of the new SQL Injection vulnerability identified in Joomla! CMS web application. When exploited, this new vulnerability allows attackers to gain full administrative access on the target website.

14 years of SQL injection history and still the most dangerous vulnerability

South African Police Web Application for Whistleblowers Hacked via SQL Injection

The repercussions an exploited web application vulnerability such as an SQL Injection can have are a lot. For example in this particular case, by exploiting an SQL injection vulnerability malicious hackers published a list of whistleblowers in South Africa, endangering their lives. This example highlights the importance of identifying each and every web application vulnerability, since a malicious hacker only needs to exploit one. Full details about the attack in this blog post.

Web Application Security Misconception; Are All Vulnerabilities Equally Dangerous?

In this web application security blog post, Robert Abela talks about a common misconception in the web security industry; are all vulnerabilities equally dangerous? Abela explains and answers this common misconception using an example with two of the most popular web application vulnerabilities typically listed in OWASP Top 10; Cross-site scripting (XSS) and SQL Injection.