SecurityFocus.com:
Five common Web application vulnerabilities
May 03, 2006 @ 06:59:25

Sephiroth.it has a quick post pointing out this helpful article on the SecurityFocus site looking at five common web application vulnerabilities.

This article looks at five common Web application attacks, primarily for PHP applications, and then presents a case study of a vulnerable Website that was found through Google and easily exploited. Each of the attacks we'll cover are part of a wide field of study, and readers are advised to follow the references listed in each section for further reading.

It is important for Web developers and administrators to have a thorough knowledge of these attacks. It should also be noted that Web applications can be subjected to many more attacks than just those listed here.

The list they share contains all of the usual suspects:

  • remote code execution
  • SQL injection
  • format string vulnerabilities (unfiltered user input)
  • cross-site scripting (XSS)
  • username enumeration

For each, they give a definition of what it is and how it's done, a rating on how critical it is, some of the previously vulnerable products, some code examples of how it might work, and some countermeasures/reference material for more information.



All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework