SQL injection Archives - Page 2 of 6

Pierluigi Paganini February 08, 2018

Joomla 3.8.4 release addresses three XSS and SQL Injection vulnerabilities

Joomla development team has released the Joomla 3.8.4 that addresses many issues, including an SQL injection bug and three cross-site scripting (XSS) flaws. Joomla development team has released the Joomla 3.8.4 that addresses a large number of issues, including an SQL injection bug and three cross-site scripting (XSS) vulnerabilities. The latest release also includes several improvements. The XSS and SQL injection vulnerabilities have been classified […]

Pierluigi Paganini November 01, 2017

WordPress releases the version 4.8.3 to address a serious SQL Injection vulnerability

WordPress developers fixed a serious SQL injection vulnerability on Tuesday with the release of version 4.8.3.. Apply it as soon as possible. WordPress developers fixed a serious SQL injection vulnerability that was reported by the researcher Anthony Ferrara, VP of engineering at Lingo Live. The issue was addressed on Tuesday with the release of version 4.8.3. The vulnerability […]

Pierluigi Paganini July 01, 2017

SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins. Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently installed on over 300,000 websites. The SQL Injection vulnerability in WP Statistics could be exploited by […]

Pierluigi Paganini May 18, 2017

Critical SQL Injection CVE-2017-8917 vulnerability patched in Joomla, update it now!

Joomla maintainers released a fix for a critical SQL injection flaw, tracked as CVE-2017-8917, that can be exploited by a remote attacker to hijack websites On Wednesday Joomla maintainers released a fix for a critical SQL injection vulnerability, tracked as CVE-2017-8917, that can be easily exploited by a remote attacker to obtain sensitive data and hijack websites. The vulnerability […]

Pierluigi Paganini March 01, 2017

SQLi flaw in the NextGEN Gallery plugin exposes at risk of hack more than 1 Million WordPress Installs

More than 1 million WordPress website are at risk due to a critical SQL injection vulnerability in the NextGEN Gallery plugin. Update it asap. Security experts at Sucuri firm have identified a SQL injection flaw in the WordPress image gallery NextGEN Gallery that could be exploited by a remote to gain access to the targeted website’s backend, including sensitive […]

Pierluigi Paganini February 15, 2017

Russian hacker Rasputin breaches over 60 Universities and Government Agencies

The Russian-speaking black hat hacker Rasputin, hacked systems of more than 60 universities and U.S. government agencies. According to the threat intelligence firm Recorded Future, a Russian-speaking black hat hacker, known as ‘Rasputin‘, hacked systems of more than 60 universities and U.S. Government agencies. We met Rasputin in December 2016, when he was offering for sale stolen login […]

Pierluigi Paganini December 16, 2016

More than 8,800 WordPress Plugins out of 44,705 are flawed

Security firm RIPS Technologies has analyzed 44,705 in the official WordPress plugins directory and discovered that more than 8,800 of them are flawed. Experts from the security company RIPS Technologies have conducted an interesting analysis of WordPress plugins. The researchers have analyzed 44,705 of the roughly 48,000 plugins available in the official WordPress plugins. “To do […]

Pierluigi Paganini December 05, 2016

Kapustkiy hacked the National Assembly of Ecuador website

Kapustkiy has breached the National Assembly of Ecuador and leaked the data via PasteBin. Once again he exploited a SQL injection. Here we go again with a Kapustkiy’s hack, this time the young hacker has breached the National Assembly of Ecuador and leaked the data via PasteBin. The hacker broke into the backend of the www.asambleanacional.gob.ec website […]

Pierluigi Paganini November 06, 2016

Databases of Indian embassies leaked online. Too easy hack them

The databases of the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya were leaked online by two grey hat hackers. Today I was contacted by a security pentester who goes online with the moniker Kapustkiy who revealed me to have breached the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy and his friend Kasimierz (@Kasimierz_) told […]

Pierluigi Paganini August 24, 2016

Navis WebAccess app used by US Ports is affected by a SQL injection flaw

The Navis WebAccess application used in the transportation sector worldwide is affected by a high severity SQL injection vulnerability. A software used in the US ports is affected by a high severity SQL Injection vulnerability (CVE-2016-5817). The flaw was discovered by a hacker behind the online moniker “bRpsd,” the expert has discovered the vulnerability in […]

SQL injection

Joomla 3.8.4 release addresses three XSS and SQL Injection vulnerabilities

WordPress releases the version 4.8.3 to address a serious SQL Injection vulnerability

SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

Critical SQL Injection CVE-2017-8917 vulnerability patched in Joomla, update it now!

SQLi flaw in the NextGEN Gallery plugin exposes at risk of hack more than 1 Million WordPress Installs

Russian hacker Rasputin breaches over 60 Universities and Government Agencies

More than 8,800 WordPress Plugins out of 44,705 are flawed

Kapustkiy hacked the National Assembly of Ecuador website

Databases of Indian embassies leaked online. Too easy hack them

Navis WebAccess app used by US Ports is affected by a SQL injection flaw

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Apple addressed the seventh actively exploited zero-day

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

A Scattered Spider member gets 10 years in prison

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

QUICK LINKS

SQL injection

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!