Vuln. Alert: BusinessWeek SQL Injection

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

(1/1)

Ehtyar:
The BusinessWeek magazine's website has suffered an attack on an SQL injection vulnerability in its pages causing it to serve up malware.

The Web site of BusinessWeek magazine suffered a major SQL injection attack in recent days that left it hosting malware on hundreds of its pages, security vendor Sophos PLC has reported.

Once compromised by such a server hole, the attack scripts could, in principle, launch anything desired by the attacker except currently included code for automatic attacks based on JavaScript. That means a visitor could be hit by malware just by landing on one of the pages, without even interacting in any way.

--- End quote ---

Full Story
Second Reference

Ehtyar.

Navigation

[0] Message Index

Go to full version