News Feed
Jobs Feed
Sections




News Archive
ThinPHP Blog:
Understanding successful tracing of security vulnerabilities
by Chris Cornutt September 21, 2006 @ 07:34:33

In this new post on the ThinkPHP blog, there's more talk about their Chorizo! security scanner and how, with a little help from their Morcilla product, you can find problems easily. Now, interpreting them is another matter, so they show you a simple way to determine just what went wrong.

Sometimes it's not very easy to check if a vulnerability occured where Morcilla told you it occured. In order to pinpoint this issue, it is neccessary that you get a deeper look to the callstack of all the functions that were involved calling the SQL abstraction layer.

They include a screenshot of how the functionality will (in the upcoming version) work in the case of a MySQL SQL injection problem.

0 comments voice your opinion now!
vulnerabilities security chorizo morcilla trace screenshot sql injection vulnerabilities security chorizo morcilla trace screenshot sql injection


blog comments powered by Disqus

Similar Posts

Christopher Kunz\'s Blog: Hardened-PHP Advisory 22/2005 - phpSysInfo

Greg Beaver's Blog: Mac OS X ships with security hole-laden PEAR - how to upgrade immediately

Derick Rethans' Blog: Variable tracing with Xdebug

PHP Security Consortium: SecurityFocus Summaries Posted

Project: RIPS - Static Source Code Analyzer for Vulnerabilities in PHP Scripts


 Community Events











Don't see your event here?
Let us know!

zendframework2 database series phpunit community symfony testing conference podcast rest framework interview language symfony2 functional development usergroup release opinion introduction

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework