Infosecurity-magazine.com

SQL injection most dangerous threat, according to CWE/SANS list of top software flaws

Second on the top 25 software flaw list is OS command injection flaw, third is classic buffer overflow, and fourth is cross-site scripting. In its annual list of software flaws, Mitre and the SANS ...
Dark Reading

SQL Injection Errors No Longer the Top Software Security Issue

SQL injection errors are no longer considered the most severe or prevalent software security issue. Replacing it at the top of the Common Weakness Enumeration (CWE) list of most dangerous software ...
Dark Reading

How to Tame SQL Injection

For more than a decade, injection vulnerabilities have literally topped the charts of critically dangerous software flaws, deemed more serious than all other types of vulnerabilities in the 2010, 2013 ...
Bleeping Computer

CISA urges devs to weed out OS command injection vulnerabilities

CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. Velvet Ant, the Chinese state-sponsored threat ...
Computer Weekly

Retail software firm PrestaShop warns users about SQL injection attacks

PrestaShop, a developer of open source e-commerce software used by hundreds of thousands of small, independent retailers as the foundations of their online presence, has warned of a serious ...
CSOonline

SQL injection Attacks Led to Heartland, Hannaford Breaches

This week’s disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web ...