I think my PHP app is being session hijacked?

Posted by Mark Sandman on Stack Overflow See other posts from Stack Overflow or by Mark Sandman
Published on 2010-04-18T18:27:40Z Indexed on 2010/04/18 18:33 UTC
Read the original article Hit count: 290

Filed under:
|
|
|

Hi there,

I have a php site that lets registered users login (with a valid passord) and sets up a session based on their UserID. However I'm pretty sure thisis being hijacked and I've found "new" files on my server I didn't put there. My site cleans all user input for SQL injections and XSS but this keeps happening. Has anyone got any ideas on how to solve this?

© Stack Overflow or respective owner

Related posts about php

Related posts about xss