Bleeping Computer

Critical flaw in LayerSlider WordPress plugin impacts 1 million sites

The structure of the possible queries limits the attack to time-based blind SQL injection, meaning that the attackers need to observe the response times to infer data from the database.
The Verge

Researchers say a bug let them add fake pilots to rosters used for TSA checks

TSA security could be easily bypassed by using a simple SQL injection technique, say security researchers. TSA security could be easily bypassed by using a simple SQL injection technique, say security ...