Ed Finkler's Blog:
The PHP App Insecurity Top 20
April 19, 2007 @ 07:01:02

In a new post today, Ed Finkler shares some interesting stats he generated from NIST NVD data and graphed out: a top 20 list of the most insecure PHP applications.

What follows is a breakdown of the 20 PHP-based applications that had the highest aggregate vulnerability scores (NIST assigns a score from 1-10 for the severity of each entry), and the highest total number of vulnerabilities, over the past 12 months. Of the two, I feel that the aggregate score is a better indicator of security issues.

The Excel charts show the total NVD score and the total number of NVD entries for several popular PHP applications (like phpBB, phpMyAdmin, TikiWiki, and Joomla). He also notes that there are some other extenuating circumstances surrounding these numbers (not a level line) and that the trend seems to be more on the side of issues with forums than any other type of PHP application.



All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework