SQL Injection in sequelize

Affected versions of sequelize use MySQL's backslash-based escape syntax when connecting to SQLite, despite the fact that SQLite uses PostgreSQL's escape syntax, which can result in a SQL Injection vulnerability. Recommendation Update to version 1.7.0-alpha3 or later...

PT-2014-10: Proactive Filter Bypassing in Bitrix CMS

The specialists of the Positive Research center have detected a Proactive Filter Bypassing vulnerability in Bitrix CMS. Bitrix Proactive Filter, which provides traffic filtering and protection from attacks on web application, ignores the entire functionality of MySQL queries syntax due to imprope...