Monday, June 2, 2008

Security In PHP

Insecure scripts written in PHP are popular targets of hackers who exploit poorly built applications written in PHP. Software vulnerabilities related to PHP are identified among the CVE (Common Vulnerabilities and Exposures) records, available from the National Vulnerability Database. The proportion of vulnerabilities related to PHP, out of the total of all common vulnerabilities, amounted to: 12% in 2003, 20% in 2004, 28% in 2005, 43% in 2006, 36% in 2007, and 33.8% for the first quarter of 2008. More than a quarter of all software vulnerabilities listed in this database are related to scripts written in PHP, and more than a third of vulnerabilities listed recently. Most of these vulnerabilities can be exploited remotely, that is without being logged on the computer hosting the vulnerable applicationSuch exploitation is made possible due to poor programming habits, such as failing to check data before entering it into a database, and features of the language such as register_globals, which is now deprecatedThese result in code injection, cross-site scripting and other application security issues. Such attacks are not exclusive to PHP and most can be avoided simply by following proper coding techniques and principles.

7 comments:

mehul here..::: nice work dear.. keep going on... update regularly...

Great information regarding security in PHP.The programs and software used such as PHP and MySQL are no average persons' languages. It's up to sophisticated users.

dennish

You actually make it seem so easy with your presentation
but I find this topic to be really something which I think I would never understand.
It seems too complex and extremely broad for me. I'm looking forward for your next post, I will
try to get the hang of it!

Here is my site Xbox Live code Generator

each time i used to read smaller posts that as
well clear their motive, and that is also happening with this paragraph which I am reading at this
place.

Look into my site; google keyword tool

Excellent blog! Do you have any suggestions for aspiring writers?

I'm planning to start my own website soon but
I'm a little lost on everything. Would you suggest starting with a free platform like Wordpress
or go for a paid option? There are so many options out there that I'm
completely overwhelmed .. Any tips? Many thanks!



Also visit my website - calling internationally

Superb, whɑt a weblog іt іs! This weblog provides Һelpful data tо us,
keep it up.

My web site ... Boca Raton CPAt testing - ,

Thank you for another fantastic post. Where else may anyone
get that type of information in such an ideal means of writing?
I've a presentation next week, and I'm on the look for such information.


Here is my web blog: Adolph

Post a Comment