The Drupal security team is reporting that versions of Drupal 7 prior to 7.32 are vulnerable to a "Highly Critical" SQL injection bug. Version 7.32 is now available to address the bug and the ...

Drupal has released a patch for a highly critical flaw in its content management system, which could allow rogue code to run. Drupal, which is a volunteer open-source project whose software is ...

Drupal has patched a critical SQL injection vulnerability in version 7.x of the content management system that can allow arbitrary code execution. Drupal has patched a critical SQL injection ...

Drupal, the creator of the eponymous content management system that millions use the world over, now knows that all too well. In mid-October it patched a SQL injection flaw, which could be ...

Support for Microsoft SQL Server 2005 (and later versions) in Drupal CMS got rolling last year, according to a blog post by Jean Paoli, Microsoft's general manager for interoperability. It culminated ...

Softpedia reported that the attackers exploited a two-year-old vulnerability in Drupal for the SQL injection attacks. Drupal website owners said their websites were locked, with the message ...

Drupal uses a database abstraction API (application programming interface) that filters harmful SQL (structure query language) queries, but the vulnerability (CVE-2014-3704) can allow an attacker ...