SQL

Pierluigi Paganini July 06, 2017
Perl devs fix an important flaw in DBD—MySQL that affects encryption between client and server

Perl development team solved a flaw in DBD—MySQL in some configurations that wasn’t enforcing encryption allowing an attacker to power MiTM attacks. The security researcher Pali RohĂĄr reported an important flaw in DBD—MySQL, tracked as CVE-2017-10789, that affects only encryption between client and server. According to the expert, the issue in some configurations wasn’t enforcing encryption allowing an attacker to […]

Pierluigi Paganini April 15, 2017
Watch out, the Riddle vulnerability affects some Oracle MySQL versions. Update them now

A bug dubbed Riddle vulnerability affecting MySQL 5.5 and 5.6 clients exposed user credentials to MiTM attacks. Update to version 5.7. A coding error dubbed The Riddle has been uncovered in the popular DBMS Oracle MySQL, the issue can be potentially exploited by attacker powering a man-in-the-middle attack to steal usernames and passwords. “The Riddle is a […]

Pierluigi Paganini October 09, 2014
Yahoo Contributors Network affected by Blind & Time Based SQL Injection flaws

Yahoo! Contributors Network was affected by a serious Time based Blind SQL Injection vulnerability which allows the theft of sensitive data. The Yahoo! Contributors Network allows writers to submit articles, videos, it also allows contributors to receive assignments from Yahoo related various domains like Sports and Finance. The security researcher Behrouz Sadeghipour reported to that The Yahoo! Contributors Network (contributor.yahoo.com) is […]