The Drupal security team is reporting that versions of Drupal 7 prior to 7.32 are vulnerable to a "Highly Critical" SQL injection bug. Version 7.32 is now available to address the bug and the ...

Drupal has released a patch for a highly critical flaw in its content management system, which could allow rogue code to run. Drupal, which is a volunteer open-source project whose software is ...

Support for Microsoft SQL Server 2005 (and later versions) in Drupal CMS got rolling last year, according to a blog post by Jean Paoli, Microsoft's general manager for interoperability. It culminated ...

Up to 12 million websites may have been compromised by attackers who took advantage of a bug in the widely used Drupal software. The sites use Drupal to manage web content and images, text and video.

Drupal uses a database abstraction API (application programming interface) that filters harmful SQL (structure query language) queries, but the vulnerability (CVE-2014-3704) can allow an attacker to ...