Joomla pushed out version 3.2.3 of its product last week, fixing a SQL injection zero day vulnerability that could have let attackers exploit sites running the CMS.

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection exploit. This kind of exploit ...

A previously undiscovered flaw in Perplexity’s Comet browser let hidden commands extract user data, Brave researchers say.

Last week, Trustwave SpiderLabs discovered a SQL injection vulnerability exploit in widely popular web content management software (CMS) Joomla that allowed for access to administrative areas ...

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to ...

“To turn this SQL injection vulnerability into remote code execution we used the built-in xp_cmdshell functionality of Microsoft SQL Server,” the researchers said in their technical write-up.

Brace yourselves: Exploit published for serious Magento bug allowing card skimming [Updated] Magento admins: Beware of SQL flaw that requires no authentication.

Download Manager WordPress Plugin This plugin contains a SQL Injection exploit that could lead to a Reflected Cross-Site Scripting attack. Publishers are advised to update to at least version 3.2.34.

Reports that the latest SQL injection exploit may have impacted hundreds of thousands of sites running IIS and SQL Server in recent days has put Microsoft, once again, on the defensive. Redmond's ...

SQL injection attacks, which exploit badly-written Web applications to directly perform actions against databases, are largely independent of the technology used to develop the applications ...