
PHP Programming Glossary: vulnerabilities

Is this mail() function safe from header injection?

http://stackoverflow.com/questions/11040328/is-this-mail-function-safe-from-header-injection

spammers from using header injections Are there any vulnerabilities I'm not seeing create short variable names name filter_var _POST..

Preventing session hijacking

http://stackoverflow.com/questions/12233406/preventing-session-hijacking

attributes to forbid access via JavaScript in case of XSS vulnerabilities and to forbid transmission via insecure channel see session.cookie_httponly..

Shortcomings of mysql_real_escape_string?

http://stackoverflow.com/questions/12703420/shortcomings-of-mysql-real-escape-string

string situations. There are no fundamental injection vulnerabilities in mysql_real_escape_string that I am aware of if it is applied..

Are PDO prepared statements sufficient to prevent SQL injection?

http://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection

In this context I don't care about XSS or other possible vulnerabilities..

The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead

http://stackoverflow.com/questions/13944956/the-mysql-extension-is-deprecated-and-will-be-removed-in-the-future-use-mysqli

in maintaining such old code amidst complex security vulnerabilities. The manual has contained warnings against its use in new code..

PHP Markdown XSS Sanitizer

http://stackoverflow.com/questions/2090080/php-markdown-xss-sanitizer

I'm looking for a simple PHP library that helps filter XSS vulnerabilities in PHP Markdown output. I.E. PHP Markdown will parse things.. in a similar fashion. I'm looking for ways to prevent XSS vulnerabilities in PHP Markdown OUTPUT. Thanks..

How can I relax PHP's open_basedir restriction?

http://stackoverflow.com/questions/223800/how-can-i-relax-phps-open-basedir-restriction

this with and I'm also obviously wary of creating security vulnerabilities. Note I am using CentOS Apache Plesk and I have root ssh access..

PHP Upload file enhance security

http://stackoverflow.com/questions/2751384/php-upload-file-enhance-security

3 A serious problem is that these PDF files can exploit vulnerabilities such as buffer overflows commonly found in software made by..

Historical security flaws of popular PHP CMS's?

http://stackoverflow.com/questions/2951917/historical-security-flaws-of-popular-php-cmss

Joomla Drupal etc. What are some security flaws or vulnerabilities that they have they had in the past that I can avoid in my application..

Sanitize user defined CSS in PHP

http://stackoverflow.com/questions/3241616/sanitize-user-defined-css-in-php

profiles on my forum but I'm afraid of possible security vulnerabilities. Does anyone have any tips for sanitizing CSS Basic process..

Is “filter input, escape output” still valid with PDO

http://stackoverflow.com/questions/4218136/is-filter-input-escape-output-still-valid-with-pdo

is still valid. Filtering is not about preventing security vulnerabilities it's about not populating your database with garbage. If you're.. storing it. Escaping output is about preventing security vulnerabilities namely XSS or Cross Site Scripting. So yes both are quite important..

PHP: “Notice: Undefined variable” and “Notice: Undefined index”

http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index

it does recommend it in order to avoid some security vulnerabilities or bugs where one would forget to give a value to a variable..

PHP function to evaluate string like “2-1” as arithmetic 2-1=1

http://stackoverflow.com/questions/5057320/php-function-to-evaluate-string-like-2-1-as-arithmetic-2-1-1

have to use the eval function and open your system up to vulnerabilities. Once you have the classes the following code is all that is..

PHP 2-way encryption: I need to store passwords that can be retrieved

http://stackoverflow.com/questions/5089841/php-2-way-encryption-i-need-to-store-passwords-that-can-be-retrieved

to encrypt is to protect against information disclosure vulnerabilities XSS remote inclusion etc. If it gets out the attacker can eventually.. And make sure nothing on the server has any kind of vulnerabilities CSRF XSS SQL Injection Privilege Escalation Remote Code Execution..

Stop people uploading malicious PHP files via forms

http://stackoverflow.com/questions/602539/stop-people-uploading-malicious-php-files-via-forms

very careful using ZipArchive. There have been traversal vulnerabilities in extractTo of the same sort that have affected most naive..