News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP Security Consortium:
New Product Launch - PHPSecInfo
October 20, 2006 @ 10:30:08

Chris Shiflett has announced (via the phpsec.org mailing list) a new project to help make PHp installations safer in a simple, easy-to-use package - PHPSecInfo.

Ed Finkler of the PHP Security Consortium has launched a new project to help developers and system administrators audit PHP environments. PHPSecInfo provides a simple-to-use security audit system for the PHP environment, with a look and feel similar to that of the phpinfo() function.

PHPSecInfo currently has a suite of 16 tests. Interested PHP developers are encouraged to propose and write new tests for consideration as well as help refine the existing test suite. You can find contact information for Ed Finkler and any member of the PHP Security Consortium online at http://phpsec.org/contact/.

The development of the project is being partially sponsored by CERIAS at Purdue University. There's an example of the output from the script and a download dated for the beginning of August. Contributions are welcome and accepted, especially in certain areas like documentation, test writing, suggestions, and feedback.

0 comments voice your opinion now!
phpsecinfo product launch security consortium phpsecinfo product launch security consortium


PHP Security Consortium:
SecurityFocus Newsletters Posted (#328, #327, #320, #319)
December 23, 2005 @ 07:50:55

The PHP Security Consortium has published more SecurityFocus Newsletters today:
  • #320 - issues with phpMyAdmin, PHPWebSite, Complete PHP Counter, and Zeroblog
  • #319 - issues with PHP-Fusion, MyBloggie, OSCommerce, and Utopia News
  • #327 - issues with Drupal, PHPGreetz, PHPWordPress, NiceCoder iDesk, WebCalendar, and PHPAlbum (large list)
  • #328 - issues with phpMyAdmin, Web4Future, PHPForumPro, Cars Portal Index, and MyBB

As always, the items mentioned above are only a small taste of the contents of the newsletters, so be sure to check them out in full to see if one of your applications is listed...

1 comment voice your opinion now!
security consortium securityfocus newsletter security consortium securityfocus newsletter


PHP Security Consortium:
Five SecurityFocus Summaries Posted
November 21, 2005 @ 06:31:56

The PHP Security Consortium has posted several SecurityFocus summaries today - #324, #323, #322, #317, #316.

  • Applications in #324 include: Invision Power Board, PHPList, YaBB, TikiWiki, phpAdsNew, and PHPWebThings.
  • Applications in #323 include: PHP errors with parse_str and phpinfo, Invision Gallery, PHPCafe, EyeOS, Simple PHP Blog, PHP Handicappe, and vBulletin.
  • Applications included in #322 include: phpMyAdmin, PHPNuke, Platinum DBoardGear, PHP-Fusion, XOOPS, MyBulletinBoard, Mantis, and PHP Advanced Transfer Manager
  • Applications included in #317 include: CutePHP, VBulletin, PunBB, PHPMyFAQ, Simplog, and Land Down Under
  • Applications included in #316 include: PunBB, PHP-Nuke, PHPTagCool, ATutor, CutePHP, and AEwebworks.

If you are using any of the above applications, it's suggested that you update immediately. Also, if this not by far a complete listing of the applications listed in these simmaries. Be sure to check out the listing on each to see if your application is effected...

2 comments voice your opinion now!
security consortium securityfocus summary security consortium securityfocus summary



Community Events











Don't see your event here?
Let us know!


series framework install database release security application symfony2 opinion composer unittest hack component performance hhvm introduction package language facebook podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework