SQL injection has been called the biggest vulnerability in the history of mankind from a potential data loss perspective. Cross-site scripting comes in as a close second.

Tools are available that allow attackers to quickly check home-grown and third-party Web applications for SQL injection vulnerabilities, Wysopal said.

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability.

If your eyes glazed over at the recent announcement of an “SQL injection” vulnerability in WordPress, take heart. You’re not alone.

Hundreds of thousands of URLs have been compromised—at the time of writing, 694,000—in an enormous and indiscriminate SQL injection attack. The attack has modified text stored in databases ...

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws.