Network World

Microsoft plugs privilege elevation flaw in SQL server

Microsoft’s SQL Server 7.0 and 2000 software contain a critical flaw that allows low privilege users to elevate their privilege level and make changes to tasks created by other users, the company said ...
CSOonline

Critical Magento SQL injection flaw could be targeted by hackers soon

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon ...