Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies. Despite years topping vulnerability lists, ...

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. Magento patched 37 vulnerabilities on Thursday, ...

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...

SQL injection is the most common penetration technique employed by hackers to steal valuable information from corporate databases. Yet, as widespread as this method of attack is, a seemingly infinite ...

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...

Two SQL injection vulnerabilities were patched in Ruby on Rails, a popular open-source Web development framework used by some high-profile websites. The Rails developers released versions 3.2.19, ...

This week’s disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web ...

SAN DIEGO, Jan. 20, 2015 – DB Networks, an innovator of intelligent continuous monitoring for core networks, today announced that after years of steady decline, 2014 witnessed a significant uptick in ...

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate ...

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate ...