PHPDeveloper.org: Rochak Chauhan's Blog: Top Ten Security Vulnerabilities in PHP Code

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

PHPMaster.com: Zend Job Queue

Rob Diana's Blog: Web And Scripting Programming Language Job Trends - August 2011

Job Posting: Options Consulting Solutions Seeks PHP Developer Team Lead (Toronto, Canada)

Job Posting: FireScope Seeks Experienced Web Application Developer/Manager (Dallas, TX)

Kevin Schroeder's Blog: Added (PHP 5.3) job queuing to my WordPress instance

Job Posting: Jacob Group (Recruiter) Seeks Director of Software Development (Lacrosse, WI)

Job Posting: Skillshare Seeks Senior Frontend Engineer (New York, NY)

Job Posting: SoftLayer Seeks Software Engineer - Interface Development (Dallas, Tx)

Job Posting: Company Confidential Seeks Senior PHP Developer (Montreal, Quebec, Canada)

Job Posting: SoftLayer Seeks Software Engineer - Systems Development (Dallas, Tx)

News Archive

Cloud Out Loud Podcast: Interview with Ed Finkler

Reddit.com: What non-PHP stuff should a PHP developer know?

Community News: The Changelog Podcast

Leaseweb Labs Blog: Migration to Symfony2 continued

SitePoint.com: How to Create Your Own Random Number Generator in PHP

Refulz.com: The __toString() Method - Objects as Strings

PHPMaster.com: Using Traits in PHP 5.4

Site News: Blast from the Past - One Year Ago in PHP

Ibuildings techPortal: DPC Radio: Implementing OAuth

Rochak Chauhan's Blog:
Top Ten Security Vulnerabilities in PHP Code

by Chris Cornutt August 04, 2008 @ 12:58:10

Rochak Chauhan has come up with a list of ten things, some security problems that could be lurking in your applications waiting to pop up at the worst time. Here's his list:

Unvalidated Parameters
Broken Access Control
Broken Account and Session Management
Cross-Site Scripting (XSS) Flaws
Buffer Overflows
Command Injection Flaws
Error Handling Problems
Insecure Use of Cryptography
Remote Administration Flaws
Web and Application Server Misconfiguration

Each item on the list has a bit of detail (and sometimes some code) to help point out the problem. Some of them even have references to external sources and packages to help you solve the problems.

0 comments voice your opinion now!
security vulnerabilities list example references

Community Events

Don't see your event here?
Let us know!

All content copyright, 2012 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework