Comments on: Serious SQL Injection Vulnerability http://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/ Search Engine Optimisation Ireland Tue, 31 Mar 2015 10:03:56 +0100 hourly 1 http://wordpress.org/?v=3.9.1 By: Seologiahttp://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2371 Thu, 05 Jun 2008 15:49:06 +0000 http://www.redcardinal.ie/?p=559#comment-2371 SQL Injection is a serious problem and is happening more than one would think. Take WordPress, for instance. One of the last versions had a injection vulnerability. The problem is that if you update, something else breaks! :S Sometimes it’s just better to stick with the bad but working rather than the new and “unknown”.

]]>
By: paulhttp://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2369 Tue, 06 May 2008 13:14:01 +0000 http://www.redcardinal.ie/?p=559#comment-2369 btw just got a 500 server error when submitting that last comment, but it went through. I know you had problems before with your wordpress setup. I’m using FF.2.0.0.14 on WinNT.

]]>
By: paulhttp://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2365 Tue, 06 May 2008 13:11:45 +0000 http://www.redcardinal.ie/?p=559#comment-2365 I’m suspecting that most developers didn’t admit that it was a problem with their code and probably charged them to update their website to protect it :)
= p

]]>
By: Richard Hearnehttp://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2366 Tue, 06 May 2008 12:47:34 +0000 http://www.redcardinal.ie/?p=559#comment-2366 The most interesting piece to this puzzle is that SQL injections can only really be defended against in the site code. I wonder what some of the developers behind the Irish sites hit told their clients?

Rgds to both
Richard

]]>
By: paulhttp://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2370 Tue, 06 May 2008 10:56:38 +0000 http://www.redcardinal.ie/?p=559#comment-2370 The number is down to just over 2,000 pages indexed with that search query. I know it’s not a 100% reliable measure. But after just over a week it does seem to be that more and more companies are patching their servers.

= Paul

]]>
By: Donncha O Caoimhhttp://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2368 Mon, 05 May 2008 14:22:48 +0000 http://www.redcardinal.ie/?p=559#comment-2368 Ouch! That is nasty but it looks like many of the sites have patched the hole, at least the ones I check on the front page of that Google search have.

]]>
By: Damien Mulley » Blog Archive » Fluffy Links - Tuesday April 29th 2008http://www.redcardinal.ie/security/28-04-2008/serious-sql-injection-vulnerability/#comment-2367 Tue, 29 Apr 2008 04:47:41 +0000 http://www.redcardinal.ie/?p=559#comment-2367 [...] Via Richard Hearne. A lot of sites are being hacked with the SQL injection exploit. List of Irish ones. [...]

]]>