sql injection
Tag details
Welcome to the 'sql injection' tag page at Technorati. This page features content from the farthest reaches of the Blogosphere that authors have "tagged" with 'sql injection'.
Latest blogosphere posts tagged “sql injection”
-
Mysql Injection Error & Flash
Get a Freelance Job —
Authority: 179
I’m looking for someone who’s familiar with MySQL injection error sanitizing coding. It’s a simple fix I believe. I have Mcafee Site scan on this site and the site won’t pass the certification because of this error. Here is the error: error in sql query SELECT * FROM products WHERE ...17 hours ago -
Report: Globalization of Malware Production
Information Security Resources —
Authority: 427
By Simon Heron , CISSP Internet Security Analyst Traditionally, malware has tended to originate mainly from countries like Brazil and America, with other nations such as Korea and India joining them in the top 10 malware charts in recent years. However, October’s threat stats reveal that the level of malware ...18 hours ago -
Gumblar has new face on ugly head
Anti spam and general email security in a business environment —
Authority: 466
Gumblar uses SQL injection to infect Web servers. Malware watchers are reporting that Gumblar botnet is working its mischief once again, this time on a larger scale than ever. The malicious software first attracted the notice of White Hats this spring when it used SQL injection attacks to infect legitimate ...2 days ago -
When Is More Important Than Where in Web Application Security
Lori MacVittie —
Authority: 576
While you spend your time arguing over where application security belongs, miscreants are taking advantage of vulnerabilities. By the time you address the problem, they’ve moved on to the next one. Dmitry Evteev @ Positive Technologies Research has discovered (yet) another method of exploitation that allows ...5 days ago -
Secure Web Hosting
Security Watch —
Authority: 565
Even after the death of the free Geocities service web hosting can be had for very cheap, with real plans starting at even a few dollars a month. But what are you getting for that kind of money? In terms of security, not a whole lot.Most sophisticated attacks against web sites these days arent the sort of thing that ...1 week ago -
Papers of VB2009
Fortinet FortiGuard Blog —
Authority: 116
The papers Bryan, Guillaume and I presented at Virus Bulletin 2009 have been available on the FortiguardCenter since yesterday: ‘I am not a numero!’: assessing global security threat levels – Bryan Lu Fighting cybercrime: technical, juridical, and ethical challenges – Guillaume Lovet Botnet-powered SQL ...1 week ago -
PunBB官方上传附件扩展注射漏洞
??'s Blog —
Authority: 120
by Ryat http://www.wolvez.org 2009-10-24 本来想给论坛加个上传附件的功能,从官方网站下了个pun_attachment,顺便看了下代码,结果发现了这个漏洞:p if (isset($_GET[secure_str])){ if (preg_match(~(\d+)f(\d+)~, $_GET[secure_str], $match)) { ... WHERE ...2 weeks ago -
中易广告联盟系统(ZYADS) sql注入和本地包含漏洞
??'s Blog —
Authority: 120
作者: q1ur3n 在index/news.php 1-31行 include_once("top.php"); $newsid = intval($_GET[id]); $to_type = addslashes($_GET[type]); if ($to_type==index) { $to_type_s =" and to_type=1"; } if ($to_type==webuser) { $to_type_s =" and to_type!=3"; } if ...2 weeks ago -
Barackobama.com Hack Claim Not Standing Up To Scrutiny
Security Watch —
Authority: 565
A claimed hack of the barackobama.com web site appears not to be what it claims. Our first report on this claim had plenty of hedging in it. Even before others had a chance to look deeply into the specifics, the claims were unsubstantiated. According to other critiques, especially this one from Praetorian Prefect , ...2 weeks ago -
ScareWare Infects Tens of Millions Yearly
Information Security Resources —
Authority: 427
By Simon Heron , CISSP Internet Security Analyst For some time, cyber-criminals have been writing and distributing scareware as part of their arsenal in the battle to take control of our computers. Put simply, scareware programs are designed to frighten people into running malicious software by popping up when ...2 weeks ago -
Barackobama.com 0wned...Again
Security Watch —
Authority: 565
Some things never change.Were reported in the past on hacks of the Presidents campaign web site barackobama.com, still used for political campaigning: This one on January 26, 2009 served malware to users and this one from April 21, 2008 redirected users to the Hillary Clinton campaign site (note: Friends of ...2 weeks ago -
October Newsletter
Scottish Developers —
Authority: 395
Welcome First, I’d like to extend an apology to all those that were signed up to our Advanced TDD event which we had to cancel at the last minute. We are looking to re-schedule this event and we’ll publish the details as soon as we have the new date confirmed. If you are thinking of starting a software or web ...3 weeks ago -
Ridding the Web of the XSS Scourge
Web 3.0 Technology.com —
Authority: 443
Cross-site scripting/SQL injection attacks have been blamed for numerous data breaches, perhaps most notably the nightmare of the Heartland Payment Systems data breach. This type of attack has been around for at least a decade. However, the growing popularity of Web 2.0 applications and the tendency for programmers to ...3 weeks ago -
Top 7 PHP Security Blunders
TuVinhSoft .,JSC —
Authority: 481
PHP is a terrific language for the rapid development of dynamic Websites. It also has many features that are friendly to beginning programmers, such as the fact that it doesn’t require variable declarations. However, many of these features can lead a programmer inadvertently to allow security holes to creep into a ...3 weeks ago -
Major Threats to Business Website Security
Web Hosting Geeks' Blog - News, Trends, Discussions. —
Authority: 546
Any organization would find it irresponsible and downright silly to not have anti-virus software installed on their office systems. Most would also have solutions in place to compensate for data restoration should their be a hardware failure or disaster caused by some sort of natural disaster. Surprisingly enough, ...3 weeks ago -
php+mysql5半自动注入工具
??'s Blog —
Authority: 120
作者: Mikawawa 经常碰到这样的注入环境,但有的时候网上给的工具并不能完全应付所有的环境。比如有的会有过滤啊啥的,为了方便我特意写了这个工具。基本上可以应付所有的 ...3 weeks ago -
Oracle Openworld 2009 - SQL Injection Presentation
Alexander Kornbrust Oracle Security Blog —
Authority: 407
Just back from a short trip to the Oracle Openworld where I gave a presentation “ SQL Injection Crash Course for Developers “. This was the first time I talked at the Openworld in San Francisco. The feedback from the attendees was quite good. In the SQL Injection presentation I showed some screenshots of the ...4 weeks ago -
280+ scareware domains, harmful domains, exploit domains
DNS-BH - Malware Domain Blocklist —
Authority: 118
Over 280 new malicious domains added from atlas.arbor.net, www.malwaredomainlist.com, www.tech-linkblog.com and others: 21site .com .cn aaaauto .servebbs .net 39sys39 .cn aaburke .dynalias .org 7oydomen .cn aaliyahicare4u .office-on-the .net 81wordfly .de aamane06 .isa-geek .com 84chatterworks ...8 weeks ago -
Interesting links – September 15
Security Viewpoints —
Authority: 98
Potentially interesting links for September 15: Penetration Testing Training on the Cheap – Short list of inexpensive ($200-$600 range) pentest courses. A guide to preventing SQL injection – Examples of using prepared statements to prevent SQL injection for C#, Java, ASP, Python, Cold Fusion, Delphi, and ...8 weeks ago -
Security Pros Are Focused on the Wrong Threats
WirelessDoc —
Authority: 425
Technology - Bits Blog - NYTimes.com . The is an overview of the recently released biannual report from the SANS Institute, which provides training and support for computer security professionals. Microsoft is doing a better job in providing patches for Windows, so while this was the major concern in the past, ...8 weeks ago
