Threat Post

SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA

SAP patched a dozen holes in its in-memory management system HANA that could have led to SQL injections, cross-site scripting (XSS) errors, and memory corruption vulnerabilities. SAP patched a dozen ...
Dark Reading

SQL Injection Vulnerabilities Surge

SAN DIEGO, Jan. 20, 2015 – DB Networks, an innovator of intelligent continuous monitoring for core networks, today announced that after years of steady decline, 2014 witnessed a significant uptick in ...
Business Wire

Veracode Makes Urgent Detection of SQL Injection and XSS Vulnerabilities at Massive Scale a Reality

BURLINGTON, Mass.--(BUSINESS WIRE)--Faced with the reality that exploiting a single SQL Injection vulnerability or cross-site scripting (XSS) error in any web ...
Threat Post

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. Magento patched 37 vulnerabilities on Thursday, ...
Dark Reading

Serving Up Malicious PDFs Through SQL Injection

These days SQL injection vulnerabilities may seem like a dime a dozen, but creative penetration testers and attackers continue to come up with new ways to take advantage of this vulnerability class ...
Computerworld

Ruby on Rails patches tackle SQL injection vulnerabilities

Two SQL injection vulnerabilities were patched in Ruby on Rails, a popular open-source Web development framework used by some high-profile websites. The Rails developers released versions 3.2.19, ...
Searchenginejournal.com

Vulnerabilities Discovered in Five WooCommerce WordPress Plugins

The U.S government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations. Many of the vulnerabilities ...