PHPDeveloper.org: ThinPHP Blog: Understanding successful tracing of security vulnerabilities

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

Job Posting: RJ Byrd (Recruiter) Seeks PHP Application Developer (Dallas, TX)

News Archive

Jani Hartikainen's Blog: Base classes in OOP programming languages

Community News: PHP Quebec 2009 Schedule Announced

Community News: Latest Releases from PHPClasses.org

Brandon Savage's Blog: Hosting Made for PHP Developers

David Otton's Blog: php://memory, Unit Tests

Sameer's Blog: Creating a Figlet text in php

Eran Galperin's Blog: OO PHP Templating

Johannes Schluter's Blog: SQL completion in PHP strings

Smashing Magazine: 10 Advanced PHP Tips to Improve Your Programming

Zend Developer Zone: Zend Framework 1.7.0 is now available

ThinPHP Blog:
Understanding successful tracing of security vulnerabilities

by Chris Cornutt September 21, 2006 @ 07:34:33

In this new post on the ThinkPHP blog, there's more talk about their Chorizo! security scanner and how, with a little help from their Morcilla product, you can find problems easily. Now, interpreting them is another matter, so they show you a simple way to determine just what went wrong.

Sometimes it's not very easy to check if a vulnerability occured where Morcilla told you it occured. In order to pinpoint this issue, it is neccessary that you get a deeper look to the callstack of all the functions that were involved calling the SQL abstraction layer.

They include a screenshot of how the functionality will (in the upcoming version) work in the case of a MySQL SQL injection problem.

0 comments voice your opinion now!
vulnerabilities security chorizo morcilla trace screenshot sql injection vulnerabilities security chorizo morcilla trace screenshot sql injection

Similar Posts

CodePoets.co.uk: How to use PHP and PEAR MDB2 (Tutorial)

PHPHacks.com: Security in PHP

ThinPHP Blog: Understanding successful tracing of security vulnerabilities

PHP Security Consortium: SecurityFocus Summaries Posted

David Coallier's Blog: Free PHP Security Scan

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework