The New SQL Injection Attack
December 11th, 2009
a new, extremely sophisticated SQL injection attack that may have already infected up to 300,000 Web pages has been detected. Perpetrators are using SQL injection to push a malicious iframe that is named script src=hxxp://318x.com into Web servers. (An iframe is an HTML structure that enables another HTML document to be put into an HTML page.)
What does it mean?Does it mean many web servers were vulnerable of SQL injection at the same time?How?Or is it a worm using SQL injection?
Like a worm that uses XSS in myspace?