Comment Re:The real problem (Score 1) 186
This is actualy a stupid article, as it doensn't even bother to describe the platform which has the vulnerability in it. It's not a platform or database issue if it's a SQL Injection, so it must be some app that is common... like a CMS package or blog engine... something like that.
It doesn't matter. It's not an attack on a specific web server, CMS, or even database engine. The ONLY thing that matters is if the underlying scripts driving the website are poorly written and vulnerable themselves.
It's not difficult to write something that spiders websites and attempts injection attacks against querystring variables that that individual site commonly uses. The exact same thing happened either late last year or early this year. Now in that instance, that was specifically targeted for MS Sql Server, but it's not hard to imagine a completely platform-independent version.