Tagged Questions
6 votes, 3 answers, 1k views
PHP mail() Header Injection Prevention
This site nicely explains the problem. Essentially, nearly all PHP mail() examples that are given are vulnerable to header injection attacks. The referenced site gives a regex sanitation solution ...
8 votes, 5 answers, 822 views
Scripting a search through PHP files for dangerous calls for manual review
I'm automating a script which searches through all PHP files on a big site for dangerous commands. The files which are found will be manually code reviewed.
Does anyone have any recommendations for ...