InfoWorld

Video: How to hack PHP sites with SQL injection

PHP is a very handy — and widespread — Web programming language. But as Tom Scott demonstrates in the video below, it’s also quite vulnerable to a basic SQL injection attack that could give a hacker ...
Dark Reading

Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

Attackers can exploit a critical SQL injection vulnerability found in a widely used WordPress plug-in to compromise more than 1 million sites and extract sensitive data such as password hashes from ...
Dark Reading

The Programming Languages That Spawn The Most Software Vulnerabilities

The wave of WordPress and Drupal vulnerability warnings and patches over the past couple of years, as well as the never-ending discovery of SQL injection bugs in Web applications, can actually be ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
InfoWorld

SQL injection attacks led to massive data breaches

This week’s disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web ...