eBay closes critical security holes


The online auction house eBay has fixed two vulnerabilities in its US web site. One of the vulnerabilities was a critical SQL injection hole in the site’s selling area that gave potential attackers unauthorised read and write access to one of the company’s databases. SQL injection holes allow attackers to inject database commands by exploiting inadequately filtered HTTP parameters.


Read more: eBay closes critical security holes

Story added 26. November 2012, content source with full text you can find at link above.