Showing posts with label sql injection attack. Show all posts
Showing posts with label sql injection attack. Show all posts

31 July 2008

Shock! Horror! Not!

This looks bad:

Open source software names such as Joomla!, Drupal, WordPress and Linux are now alongside large proprietary software firms including IBM, Microsoft, Apple, Sun, Cisco, and Oracle in the IBM Internet Security Systems ‘Midyear Trend Statistics’ report.

But wait, there's more:

It is the first time that community-developed open source software such as the Drupal and Joomla! content-management software packages for the web also showed up on the list. Tom Cross, X-Force researcher at IBM ISS, said Drupal and Joomla! are open source packages that "have both been vulnerable to SQL injection attacks".

Er, this would be Microsoft SQL Server injection attacks, running on Windows, yes? And that's an open source vulnerability? I think not....