Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Chris Shiflett's Blog:
Google Code Search for Security Vulnerabilities
Oct 06, 2006 @ 06:49:21

Recently , Google has released a new service for their search engine, the Google Code Search. It allows for developers to look through and locate items in public source code through the simple Google interface we're all used to. Fortunately, there's also a few security problems the site can help with as well, and Chris Shiflett shares some of these in his latest post.

Stephen de Vries sent an email to SecurityFocus's web application security mailing list earlier today to comment on the new Google Code Search: "Google's code search provides an easy way to find obvious software flaws in open source and example applications."

Chris talks about cross-site scripting problems, issues with the superglobals, SQL injection problems, and even a misplaced trust of the $_SERVER superglobal. Each of the items is linked to is search terms on the Code Search to make it easy to locate.

tagged: vulnerabilities search google xss sqlinjection superglobal vulnerabilities search google xss sqlinjection superglobal