Threat Post

PayPal Addresses Months-Old SQL Injection Vulnerability, Frozen Accounts

Researchers with Vulnerability Lab today announced mega payment processor PayPal has fixed a flaw on its site that allowed a remote user or a local user with low privileges to compromise a Web ...
Search Engine Land

Yoast WordPress SEO Plugin Vulnerable To Hackers

Millions of WordPress sites may be exposed to a Blind SQL Injection vulnerability due to a security hole in the very popular Yoast SEO plugin. The plugin has been updated, make sure to update your ...
Krebs on Security

Tag Archives: blind sql injection

A recent breach at billing and support software provider WHMCS that exposed a half million customer usernames, passwords — and in some cases credit cards — may turn out to be least of the company’s ...
Dark Reading

New Plug-ins Help Firefox Find XSS, SQL Injection

4:14 PM -- Two new Firefox plug-ins were released last month to assist developers and security professionals in testing for cross-site scripting (XSS) and SQL injection vulnerabilities. Even though ...
Bleeping Computer

WordPress 5.8.3 security update fixes SQL injection, XSS flaws

The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. The set includes an SQL ...
Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
Computerworld

Malicious code injection: It’s not just about SQL anymore

The good news: Developers are becoming increasingly aware of the threat posed by SQL injection attacks and the pitfalls of leaving pre vulnerable to such attacks. The bad news: there are other types ...