News

CSOonline2y
JSON-based SQL injection attacks trigger need to update web application firewalls - CSO Online
Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support ...
dbta10mon
Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities - Database Trends and Applications
SQL Injection Attacks. SQL injection, a common vulnerability found in many software programs, including those created in the SAP Advanced Business Application Programming language ABAP/4, can have ...
The Verge9mon
Researchers say a bug let them add fake pilots to rosters used for TSA checks | The Verge
The bug let anyone with a “basic knowledge of SQL injection” add themselves to airline rosters, potentially letting them breeze through security and into the cockpit of a commercial airplane ...