Tag: SQL Injection

  • SQL Injection Lab: Think Like a Hacker

    Security is IT’s top spending priority according to the 2017/2018 Computer Economics IT Spending & Staffing Benchmarks report*. Given the …

  • WordPress Issues Emergency Patch for SQL Injection Vulnerability

    The Halloween fright, CVE-2017-14723, was discovered and reported to the bug bounty program in September by researcher Anthony Ferrara. …

  • WordPress site admins: Update immediately!

    If you’re running your website on WordPress and you haven’t yet upgraded to version 4.8.3, you should do so without delay. The advice …

  • WordPress releases the version 4.8.3 to address a serious SQL Injection vulnerability

    WordPress developers fixed a serious SQL injection vulnerability on Tuesday with the release of version 4.8.3. Apply it as soon as …

  • WordPress 4.8.3 released with patch for SQL injection (SQLi) which affected all the previous version

    WordPress 4.8.3 released with the security patches for all previous versions. The update includes the issue with $wpdb->prepare() which …

  • Unpatched SQLi vulnerability in SmartVista e-commerce suite

    Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, …

  • WordPress 4.8.2 is out, update your website now

    WordPress 4.8.2 is out, featuring nine security fixes website owners will want to apply, well, now. All told, there have been six updates this year featuring security fixes, including January’s silent patch for a nasty zero day, this being the first since May’s v4.7.5. Read full news article on Naked Security  

  • Statistics About the Security State of 104 Open Source Web Applications

    Every year we publish a number of statistics about the vulnerabilities which the Netsparker web application security scanner automatically identified in open source web applications. Netsparker is a heuristic web application security scanner, so all these vulnerabilities have been identified heuristically, and not with signatures. Read full news article on Dzone  

  • How an Attacker Sees Your Website

    You don’t have to try very hard to hear about the latest cyber attack. Sony, Yahoo, LinkedIn are just a few of the recent victims. Read full news article on Dzone  

  • Defence in Depth, Part 4: Validate Everything, Parameterize SQL Queries

    Trust No One, Validate Everything. Unfortunately, most vulnerabilities at the application layer can’t simply be patched by applying an update. In order to fix web application vulnerabilities, software engineers often need to correct mistakes within the application code. Read full news article on Dzone

  • SQLMAP-Detecting and Exploiting SQL Injection- A Detailed Explanation

    Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the…

  • 36 Security Terms You Need to Know

    The topic of security in software development is diverse and often carries many different meanings to different teams. To help clear up questions and confusion surrounding security, the Editorial Team here at DZone compiled a list of some of the most important security-related terms that you should know. Read full news article on Dzone