Sql injection

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse

Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators DBAs who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged...

Two recent IBM DB2 LUW vulnerability to mention the right analysis-vulnerability warning-the black bar safety net

IBM recently released two affected DB2 for linux, unix, windows, three versions of the security vulnerability patches. And this article will explore where these two vulnerabilities, CVE-2 0 1 4-0 9 0 7 and CVE-2 0 1 3-6 7 4 4 some of the technical details to help database administrators assess...

[VulnWatch] Patch available for high risk IBM DB2 Universal Database flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Researchers at NGSSoftware have discovered a high risk vulnerability in IBM's DB2 Universal Database Version 8.1 and earlier. IBM has just released Fixpak 8 for DB2 UDB 8.1 which addresses the security flaw...