Historical security flaws of popular PHP CMS's?

Posted by VirtuosiMedia on Stack Overflow See other posts from Stack Overflow or by VirtuosiMedia
Published on 2010-06-01T17:31:36Z Indexed on 2010/06/01 17:33 UTC
Read the original article Hit count: 304

Filed under:
|
|

I'm creating a PHP CMS, one that I hope will be used by the public. Security is a major concern and I'd like to learn from some of the popular PHP CMS's like Wordpress, Joomla, Drupal, etc. What are some security flaws or vulnerabilities that they have they had in the past that I can avoid in my application and what strategies can I use to avoid them? What are other issues that I need to be concerned with that they perhaps didn't face as a vulnerability because they handled it correctly from the start? What additional security features or measures would you include? Please be as specific as possible. I'm generally aware of most of the usual attack vectors, but I want to make sure that all the bases are covered, so don't be afraid to mention the obvious as well. Assume PHP 5.2+.

© Stack Overflow or respective owner

Related posts about php

Related posts about security