Bleeping Computer

New Joomla SQL Injection Flaw Is Ridiculously Simple to Exploit

The Joomla CMS project released today Joomla 3.7.1 to fix an SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites. Sucuri analyst Marc ...
Linux Journal

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Drupal is a very widely used open-source content management system. It initially was released in 2001, and recent statistics show Drupal as the third-most popular content management system, with just ...