Friday, March 7, 2008

Filtering input variables

Hundreds, if not thousands, of vulnerabilities have been discovered in PHP-based applications because of a lack of input filtering. You can never trust a user, and you must always verify what you are receiving.

Failing to secure input data can lead to SQL injection, PHP injection, path disclosure, and other vulnerabilities. Some of these can be a serious risk not only to your website or database but also to the whole server where your site is hosted. For example, using MySQL injection and path disclosure it's possible to read and even write files (this depends, of course, on the server configuration).
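The following is an added example, not code from the original post, of the filtering described above: request values are validated against a strict type or an allowlist, and the SQL value is bound as a parameter instead of being concatenated into the query. The helper names `cleanId`, `cleanPage` and `fetchTitle`, the `articles` table and the sample inputs are hypothetical; PHP 7.1+ with the `pdo_sqlite` extension is assumed.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database so the example runs offline (pdo_sqlite assumed).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO articles (title) VALUES ('First post'), ('Second post')");

// Hypothetical helper: accept only a positive integer id, otherwise null.
function cleanId($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Hypothetical helper: map a page name to a file through an allowlist,
// so request data never becomes part of an include path.
function cleanPage($raw): ?string
{
    $pages = ['home' => 'home.php', 'about' => 'about.php'];
    return is_string($raw) && isset($pages[$raw]) ? $pages[$raw] : null;
}

// Hypothetical helper: the id is validated first, then bound as a parameter;
// it is never concatenated into the SQL text.
function fetchTitle(PDO $db, $rawId): ?string
{
    $id = cleanId($rawId);
    if ($id === null) {
        return null; // reject instead of trying to repair bad input
    }
    $stmt = $db->prepare('SELECT title FROM articles WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $title = $stmt->fetchColumn();
    return $title === false ? null : $title;
}

// Constructed request values standing in for $_GET['id'] and $_GET['page'].
$samples = ['2', '2 OR 1=1', '-5', ['2'], '../secret', 'about'];
foreach ($samples as $raw) {
    printf("%-14s id=%-5s page=%-12s title=%s\n",
        json_encode($raw, JSON_UNESCAPED_SLASHES),
        var_export(cleanId($raw), true),
        var_export(cleanPage($raw), true),
        var_export(fetchTitle($db, $raw), true));
}
```

Only the well-formed values (`'2'` as an id, `'about'` as a page) pass; everything else is rejected as `NULL` before it reaches the query or the file system.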
