Home » PHP » Major security issues facing by the websites

Major security issues facing by the websites


1) Cross Site ScriptingHIGH
2) File Upload VulnerabilityHIGH
3) Directory Listing VulnerabilityHIGH
4) Unencrypted Login PagesHIGH
5) Session HijackingHIGH
6) Cross Site Request Forgery(csrf)HIGH
7) Weak Captcha ImplementationMEDIUM
8) Cross Frame Scripting(css)MEDIUM
9)Internal Error HandlingMEDIUM
10)Cookies are not marked as HTTPOnlyLOW


• Random Tokens should be used on all critical operations.
• Ensure good and secure Session Management practices are followed.
• Configure the application to disable any kind of browsable directories
• Coding flaws and configuration flaws should be remediated immediately.
• Special characters should be filtered by the Web Application to prevent SQL
Injection and cross site scripting.
• Username and password forms should be encrypted and HTTPS should be used.
• Make sure the web server and application server are configured in a secure way.
• Ensure that none of the error messages of response pages disclose any kind of
information about the underlying systems.
• Secure Coding Methodologies should be followed to eliminate discrepancies and
prevent disclosure of information

Leave a Reply


Check Also

HTML to PDF Conversion in CodeIgniter

A number of PHP libraries to convert HTML page to PDF file. After a lot ...