6 days after Wordpress 2.2 release, Janek Vind has discovered a SQL injection vulnerability in WordPress 2.1.3, which can be exploited to conduct SQL injection attacks.

Cursor Injection – A New Method for Exploiting PL/SQL Injection and Potential Defences David Litchfield, NGSSoftware , released this paper which describes a new method whereby an attacker, seeking to exploit a SQL injection flaw in an Oracle database server, may do so without the need to create an auxiliary inject function in order to execute arbitrary SQL.

Well, having the SQL server call home to your machine is cool enough (bye bye firewall) , but the paper’s author, Cesar Cerrudo went a step forward . These are the main topics covered by his paper :

I stumbled upon yet another blind SQl injection tool called sqlmap written by Bernardo Damele and Daniele Bellucci. I didn’t have time to test it, but the tool’s description is quite ambitious