The Joomla CMS project released today Joomla 3.7.1 to fix an SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites.

Mar 18, 2025 14:35:00 SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department ...

Hundreds of thousands of URLs have been compromised—at the time of writing, 694,000—in an enormous and indiscriminate SQL injection attack. The attack has modified text stored in databases ...

F-Secure found evidence of yet another massive round of infected Web sites on Thursday, all compromised by SQL injection attacks. Many pundits in the blogosphere were quick to blame Microsoft IIS ...

Although there has been a new IIS vulnerability disclosed in recent weeks, the attacks are only making use of poor site and database maintenance practices - using SQL injection to exploit sites.

Attackers exploit 0-day code-execution flaw in the Sophos firewall Yep, in-the-wild SQL injection exploits in 2020 are still a thing.

Respondents taking part in a new study from the Ponemon Institute say they've had their eyes opened to the realities of SQL Injection, and the impact it has on their organization.

Because have you ever considered that the code you are being offered might (unintentionally) contain a serious security flaw – such as being vulnerable to exploitation via SQL injection? Laurent Cozic ...

In SQL injection attacks, malicious hackers can take advantage of poorly coded Web application software to introduce malicious code into a company’s systems and network.

Security practitioners are increasingly bent on better code security, as Microsoft SDL, BSIMM and Rugged demonstrate. Here's how it became Priority 1 for one of the nation's largest energy providers.