[drupal] Forum Topics

A Drupal security advisory, [SA-CORE-2014-005](https://www.drupal.org/SA-CORE-2014-005), rather embarrassingly states that: > Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. …

As well as being CEO of penetration testing specialists High-Tech Bridge, Ilia Kolochenko is also perhaps unsurprisingly a white hat hacker of some repute. Equally unsurprising is the fact that he has [warned](https://www.htbridge.com/blog/plugins_and_extensions_the_achilles_heel_of_popular_cmss.html) that security vulnerabilities in leading CMS platforms such as Drupal, Joomla and WordPress are effectively leaving the …

The Associated Press [URL="http://www.google.com/hostednews/ap/article/ALeqM5iuRIVBTLUvW7823FC-fcfhvkSxHgD9BHLF180"]reported[/URL] this weekend that the [URL="http://www.whitehouse.gov/"]official White House website[/URL] has been switched to using the open-source Drupal content management system Using open source will result in improved security -- because more programmers will be looking for errors in the software -- as well as more quickly and …

Community journalism encourages members of the community to participate in the news process, not just as passive readers, but as active producers of the news itself. This direct connection to the product is similar in many ways to the kind of community building that goes on in open source development. …