We went through it a few months ago. It's not just a Drupal or Joomla problem. The db needs protected.
http://myitforum.com/cs2/blogs/hwaldron/archive/2008/06/01/microsoft-best-pr actices-for-preventing-sql-injection-attacks.aspx http://blogs.technet.com/msrc/archive/2008/06/24/rise-in-sql-injection-attac ks-exploiting-unverified-user-data-input.aspx From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, October 09, 2008 10:34 AM To: NT System Admin Issues Subject: RE: IT Portal / Wiki Suggestion Protecting against SQL injection is on my short list of things to learn quickly in my Drupal test. Anyone have any suggestions? _____ From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, October 09, 2008 10:22 AM To: NT System Admin Issues Subject: RE: IT Portal / Wiki Suggestion I can tell you my morning - I've been dealing with 3 Joomla SQL injection attacks today. I know that they can happen with any framework; but right now - I'm pissed off at Joomla. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, October 09, 2008 10:20 AM To: NT System Admin Issues Subject: RE: IT Portal / Wiki Suggestion Out of curiosity, why do you suggest Joomla over Drupal? I started playing with Drupal, and I really like it. I'd love to know what some of the major differences, drawbacks, etc. are between the two. _____ From: MarvinC [mailto:[EMAIL PROTECTED] Sent: Thursday, October 09, 2008 10:08 AM To: NT System Admin Issues Subject: Re: IT Portal / Wiki Suggestion ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
