Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Hacking Air Traffic Control Systems | Main | US Missle Defense Details Found on Computer Purchased from eBay »

SQL Injection Attacks in Content Management Systems

Web sites built using content management systems may be vulnerable to SQL injection attacks, the trick is to find them.

A new article at SearchSecurity has tips on finding if your site has been compromised, including:

These tags include "iframe", "http-equiv="refresh"" or the IP address of known malicious servers. An easier way to detect a compromise is by examining webpages created from dynamic content for unexpected behavior, including the addition of hidden iframes -- code elements used to embed an HTTP document in another HTTP document -- in the HTML.
Tags:        
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on May 7, 2009 5:04 PM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/1043

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net