Security In PHP

Insecure scripts written in PHP are popular targets of hackers who exploit poorly built applications written in PHP. Software vulnerabilities related to PHP are identified among the CVE (Common Vulnerabilities and Exposures) records, available from the National Vulnerability Database. The proportion of vulnerabilities related to PHP, out of the total of all common vulnerabilities, amounted to: 12% in 2003, 20% in 2004, 28% in 2005, 43% in 2006, 36% in 2007, and 33.8% for the first quarter of 2008. More than a quarter of all software vulnerabilities listed in this database are related to scripts written in PHP, and more than a third of vulnerabilities listed recently. Most of these vulnerabilities can be exploited remotely, that is without being logged on the computer hosting the vulnerable applicationSuch exploitation is made possible due to poor programming habits, such as failing to check data before entering it into a database, and features of the language such as register_globals, which is now deprecatedThese result in code injection, cross-site scripting and other application security issues. Such attacks are not exclusive to PHP and most can be avoided simply by following proper coding techniques and principles.

Comments

  1. MEHUL PABARIJuly 27, 2009 at 9:24 AM

    mehul here..::: nice work dear.. keep going on... update regularly...

    ReplyDelete
  2. Web Hosting IndiaNovember 8, 2010 at 5:21 PM

    Great information regarding security in PHP.The programs and software used such as PHP and MySQL are no average persons' languages. It's up to sophisticated users.

    dennish

    ReplyDelete
  3. AnonymousMarch 4, 2014 at 12:59 AM

    You actually make it seem so easy with your presentation
    but I find this topic to be really something which I think I would never understand.
    It seems too complex and extremely broad for me. I'm looking forward for your next post, I will
    try to get the hang of it!

    Here is my site Xbox Live code Generator

    ReplyDelete
  4. AnonymousMarch 4, 2014 at 11:02 AM

    each time i used to read smaller posts that as
    well clear their motive, and that is also happening with this paragraph which I am reading at this
    place.

    Look into my site; google keyword tool

    ReplyDelete
  5. AnonymousMarch 5, 2014 at 10:30 PM

    Excellent blog! Do you have any suggestions for aspiring writers?

    I'm planning to start my own website soon but
    I'm a little lost on everything. Would you suggest starting with a free platform like Wordpress
    or go for a paid option? There are so many options out there that I'm
    completely overwhelmed .. Any tips? Many thanks!



    Also visit my website - calling internationally

    ReplyDelete
  6. AnonymousApril 12, 2014 at 10:07 PM

    Superb, whɑt a weblog іt іs! This weblog provides Һelpful data tо us,
    keep it up.

    My web site ... Boca Raton CPAt testing - ,

    ReplyDelete
  7. AnonymousApril 15, 2014 at 6:36 AM

    Thank you for another fantastic post. Where else may anyone
    get that type of information in such an ideal means of writing?
    I've a presentation next week, and I'm on the look for such information.


    Here is my web blog: Adolph

    ReplyDelete

Post a Comment