PHP apps: Security's Low-Hanging Fruit

PHP apps: Security's Low-Hanging Fruit
Kelly Martin, 2007-01-08

PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here's how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.

Expand all | Post comment

PHP apps: Security's Low-Hanging Fruit 2007-01-09
ninjah (1 replies)

Re: PHP apps: Security's Low-Hanging Fruit 2007-01-11
rdivilbiss

A simple glance at BugTraq will show the security vulnerabilities are not affecting little Johnny's first web apps, but are littered among the largest most widely installed PHP applications. So as you say...let us look at what products these vulns are found in.

Putting your head in the sand is ignoring the facts.

The author is dead on, and SecurityFocus has the proof available for you at a glance.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/427/34253#34253

PHP apps: Security's Low-Hanging Fruit 2007-01-09
Anonymous

PHP apps: Security's Low-Hanging Fruit 2007-01-09
Anonymous (2 replies)

Re: PHP apps: Security's Low-Hanging Fruit 2007-01-10
Anonymous

Re: PHP apps: Security's Low-Hanging Fruit 2007-01-11
Josef Meixner

Don't forget basic file system security 2007-01-09
Void (1 replies)

Re: Don't forget basic file system security 2007-11-03
Catalin Hulea

PHP apps: Security's Low-Hanging Fruit 2007-01-10
andyT

PHP apps: Security's Low-Hanging Fruit 2007-01-11
Anonymous (2 replies)

Re: PHP apps: Security's Low-Hanging Fruit 2007-01-11
Anonymous

Re: PHP apps: Security's Low-Hanging Fruit 2007-11-03
Catalin Hulea

PHP apps: Security's Low-Hanging Fruit 2007-01-11
Anonymous

PHP apps: Security's Low-Hanging Fruit 2007-01-12
Kevin Waterson

Don't blame PHP, it's the newbies 2007-11-03
Catalin Hulea

PHP apps: Security's Low-Hanging Fruit 2008-02-12
Anonymous