Your Open Source

 
Security:: Register Globals

    Arguably the most common source of vulnerabilities in PHP applications.
  • Any input parameters are translated to variables.
    ?foo=bar >> $foo = "bar";
  • No way to determine the input source.
  • Prioritized sources like cookies can overwrite GET values.
  • Un-initialized variables can be “injected” via user inputs.
    if (authenticated_user()) {
        $authorized = true;
    }
    // $authorized is never set when authentication fails
    if ($authorized) {
        include '/highly/sensitive/data.php';
    }
  • Because $authorized is left un-initialized if user
    authentication fails, an attacker could access privileged
    data by simply passing the value via GET.
    http://example.com/script.php?authorized=1
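
The snippet above next to a hardened form, as an added example that is not part of the original post. register_globals was removed in PHP 5.4, so it is emulated here with extract(); authenticated_user() is a stub and the request arrays are constructed sample input.

```php
<?php
// Added example, not from the original post. Request arrays are constructed
// sample input; authenticated_user() is a stub that always fails.

function authenticated_user(): bool
{
    return false; // stub: the visitor is not logged in
}

// Emulates register_globals=On: every request parameter becomes a local
// variable. Cookies are imported after GET, so they win on a name clash.
function vulnerable_check(array $get, array $cookie): array
{
    extract($get);     // EXTR_OVERWRITE is the default
    extract($cookie);

    if (authenticated_user()) {
        $authorized = true;
    }
    // $authorized is unset here unless the request supplied it.
    return [
        'authorized' => !empty($authorized),
        'foo'        => $foo ?? null, // source (GET or cookie) is unknowable
    ];
}

// Hardened form: initialize the flag, and read input from a named source.
function hardened_check(array $get, array $cookie): array
{
    $authorized = false;
    if (authenticated_user()) {
        $authorized = true;
    }
    return [
        'authorized' => $authorized,
        'foo'        => is_string($get['foo'] ?? null) ? $get['foo'] : null,
    ];
}

// Constructed request: script.php?authorized=1&foo=bar with a cookie named foo
$get    = ['authorized' => '1', 'foo' => 'bar'];
$cookie = ['foo' => 'from-cookie'];

var_dump(vulnerable_check($get, $cookie));
var_dump(hardened_check($get, $cookie));
```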


    • datetime Oct 06 08 11:08:45
    • author Sekar