News Feed
Jobs Feed
Sections




News Archive
Rochak Chauhan's Blog:
Top Ten Security Vulnerabilities in PHP Code
by Chris Cornutt August 04, 2008 @ 12:58:10

Rochak Chauhan has come up with a list of ten things, some security problems that could be lurking in your applications waiting to pop up at the worst time. Here's his list:

  • Unvalidated Parameters
  • Broken Access Control
  • Broken Account and Session Management
  • Cross-Site Scripting (XSS) Flaws
  • Buffer Overflows
  • Command Injection Flaws
  • Error Handling Problems
  • Insecure Use of Cryptography
  • Remote Administration Flaws
  • Web and Application Server Misconfiguration

Each item on the list has a bit of detail (and sometimes some code) to help point out the problem. Some of them even have references to external sources and packages to help you solve the problems.

0 comments voice your opinion now!
security vulnerabilities list example references


blog comments powered by Disqus

Similar Posts

PHP Security Blog: A Trio of Javascript Issues

Andi Gutmans' Blog: Inside Zend Server: Linux Take 2 - Examples

Smashing Magazine: Keeping Web Users Safe By Sanitizing Input Data

Derick Rethans\' Blog: #ezcomponents/freenode

Net-Security.org: SUSE Security Announcement - php4,php5 problems


 Community Events











Don't see your event here?
Let us know!

podcast language database release symfony2 phpunit series interview introduction zendframework2 unittest conference development testing rest community opinion framework functional usergroup

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework