Reply to post:

Drupal SQL injection nasty leaves sites 'wide open' to attack

Tzhx

>> Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks.

>>A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution.

You had ONE job...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon