InfoWorld

Video: How to hack PHP sites with SQL injection

PHP is a very handy — and widespread — Web programming language. But as Tom Scott demonstrates in the video below, it’s also quite vulnerable to a basic SQL injection attack that could give a hacker ...
Dark Reading

'Ardilla' Automatically Roots Out SQL Injection And XSS, Generates Attacks

Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications. The so-called Ardilla tool uses a technique developed by ...
Dark Reading

The Programming Languages That Spawn The Most Software Vulnerabilities

The wave of WordPress and Drupal vulnerability warnings and patches over the past couple of years, as well as the never-ending discovery of SQL injection bugs in Web applications, can actually be ...
Linux Journal

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Drupal is a very widely used open-source content management system. It initially was released in 2001, and recent statistics show Drupal as the third-most popular content management system, with just ...