News Feed
Jobs Feed
Sections

Recent Jobs

News Archive
Rochak Chauhan's Blog:
Top Ten Security Vulnerabilities in PHP Code
by Chris Cornutt August 04, 2008 @ 12:58:10

Rochak Chauhan has come up with a list of ten things, some security problems that could be lurking in your applications waiting to pop up at the worst time. Here's his list:

  • Unvalidated Parameters
  • Broken Access Control
  • Broken Account and Session Management
  • Cross-Site Scripting (XSS) Flaws
  • Buffer Overflows
  • Command Injection Flaws
  • Error Handling Problems
  • Insecure Use of Cryptography
  • Remote Administration Flaws
  • Web and Application Server Misconfiguration

Each item on the list has a bit of detail (and sometimes some code) to help point out the problem. Some of them even have references to external sources and packages to help you solve the problems.

1 comment voice your opinion now!
security vulnerabilities list code example references



Sorry for the confusion
by Rochak Chauhan - 09.03.2008 @ 02:23:55
Sorry for the confusion, no offense to David Sklar. I have explained him the situation personally. The idea was to share and spread the word. But I guess I owe an apology for NOT including the credits.

I have added the credits in the post now. You all are requested to make use of the information and thank David (http://www.sklar.com)
is this spam? let us know!

Similar Posts

Community News: PHPers Participate in CSS Naked Day

Jorge Garifuna\'s Blog: Build a Complete PHP Application in 3 Clicks

PHPHacks.com: How to create an Ajax RSS reader with PHP

PHPBuilder.com: Intro to PHP

Secunis.com: Travelsized CMS index.php Cross-Site Scripting Vulnerabilities


 Community Events









Don't see your event here?
Let us know!

releases developer conference book job database framework PHP5 mysql zend security cakephp zendframework ajax application release PEAR example package code

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework