InfoWorld

MySQL website falls victim to SQL injection attack

Oracle’s MySQL.com customer website was apparently compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site’s users. Taking credit for ...
The Next Web

Irony: MySQL and Sun websites hacked using SQL injection

MySQL.com, the official website of the database management system of the same name, was today subjected to an attack whereby hackers used SQL injection exploits to gain access to a complete list of ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
dbta

Harden Your Applications to Combat SQL Injection

An important aspect of database security is designing your applications to avoid SQL injection attacks. SQL injection is a form of web hacking whereby SQL statements are specified in the fields of a ...
Ars Technica

Perl CGI + MySQL: Safety from SQL Injection

I have been assigned a small project that requires a Perl front end via CGI and a MySQL back end with a simple database. The database has basic names, addresses, and some flags to tell whether someone ...
Dark Reading

Myth-Busting SQL- And Other Injection Attacks

While different security researchers may haggle over the exact ranking of SQL injection attacks compared to other common maladies, such as XSS and CSRF, few would deny that SQLi and its other ...