Programming
Article
By Harry Fuecks

Oh dear

By Harry Fuecks
Help us help you! You'll get a... FREE 6-Month Subscription to SitePoint Premium Plus you'll go in the draw to WIN a new Macbook SitePoint 2017 Survey Yes, let's Do this It only takes 5 min

Google Code Search for Security Vulnerabilities

Here’s my attempt – hunting for $_GET / $_POST / $_COOKIE placed at the start of on and include / require / include_once / require_once – potentially a path to include remote files. (Un)?fortunately seems to break the search interface right now – although more results are reported, you can’t seem to get beyond page 2 right now.

lang:php (include|require)(_once)?s*['"(]?s*$_(GET|POST|COOKIE)

So what’s the opposite of “security by obscurity” – because this seems to be it – Koders at least kept their search syntax weak.

Login or Create Account to Comment
Login Create Account
Recommended
Sponsors
Get the most important and interesting stories in tech. Straight to your inbox, daily.Is it good?