PHP security under scrutiny
Robert Lemos,
SecurityFocus
2006-12-18
Perhaps PHP should stand for Pretty Hard to Protect: A week after a prominent bug finder and developer left the PHP Group, data from the National Vulnerability Database has underscored the need for better security in PHP-based Web applications.