Browse by Tags - HP Application Security Center Community
United States-English
Home - Tab - Selected
» Blogs - Tab
» Forums - Tab

Browse by Tags


HP Application Security Center Community » All Tags » php (RSS)

» Top Five Web Application Vulnerabilities 6/09/08 - 6/22/08

1) IBM Workplace Unspecified Cross-Site Scripting Vulnerability IBM Workplace for Business Controls and Reporting and IBM Workplace Web Content Management are susceptible to an unspecified instance of Cross-Site Scripting. An attacker can leverage this issue to execute script code in the browsers of...
Posted to Top Web Vulnerabilities (Weblog) by mark.painter on 06-23-2008

» News Flash: phpBB Massive Hack

ComputerWorld is running an article from Paul Ferguson of TrendMicro claiming that there is a massive hack going on as you read this - via the phpBB bulletin-board software. Truth be told, phpBB has been known to be bug-ridden over the years (simply Google "phpBB vulnerability" and you'll...
Posted to Following the White Rabbit (Weblog) by Rafal Los on 05-13-2008

» MOPB Followup: PHP (finally) releases fixed versions

The Month of PHP Bugs (MOPB) has come and gone, leaving 40+ identified PHP security problems in its wake. I've already analyzed the bugs themselves in my previous MOPB mid-month analysis and MOPB end of month full review . Now we were just waiting around to see how long it took the PHP team to release...
Posted to cat /dev/random | grep security (Weblog) by jbforristal on 05-08-2007

» The current state of PHP security (w/ MOPB full review)

The Month of PHP Bugs (MOPB) has concluded, and thus it’s time to review the state of PHP security. Those of you who read my MOPB mid-month analysis are already familiar with the concept: take the pile of MOPB bugs, analyze their impact, and correlate it back to the development fix. Rather than...
Posted to cat /dev/random | grep security (Weblog) by jbforristal on 04-03-2007

» Month of PHP Bugs: Mid-month analysis

[Note: updated 20-Mar-2007 to clarify some sections, based on feedback from Stefan Esser] We've hit the half-way point through the Month of PHP Bugs (MOPB), and as promised, I created an analysis of all the bugs released up to and including March 16th; that covers the first 24 bugs released for MOPB...
Posted to cat /dev/random | grep security (Weblog) by jbforristal on 03-19-2007

» PHP users: stand alert

Today is March first, and that means the Month of PHP Bugs initiative has officially kicked off. Every day for an entire month the folks from the Hardened-PHP Project will be releasing advisories for vulnerabilities in PHP. If you have PHP installed on any of your servers, you should keep tabs on the...
Posted to cat /dev/random | grep security (Weblog) by jbforristal on 03-01-2007
Page 1 of 1 (6 items)
Information disclosed in this community becomes public. Exercise caution when deciding to disclose your personal information. HP reserves the right, but is not obligated to, edit or remove your comment if it contains personally identifiable information or other content HP deems unacceptable.  Opinions expressed are your personal opinions or those of the original authors, and not of HP. Please see HP's web Terms of Use for more details.