WebSec Quick Fix
@websecquickfix
Quick hits of hand-picked Web Application Security news coming your way! Also check out Websec.io for more! http://websec.io
From @colinodell: “CVE-2018-20583 - XSS Vulnerability in league/commonmark” colinodell.com/blog/201812/cv…
A cross-site scripting (XSS) vulnerability was found in the PHP League's CommonMark library (league/commonmark) versions 0.15.6 through 0.18.x before 0.18.1. It allows remote attackers to insert...
From @dragonbe: “A word about my Have I Been Pwned package” dragonbe.com/2018/12/a-word…
From @dliciousbrains: “PHP Encryption Methods for Passwords & Other Sensitive Data” deliciousbrains.com/php-encryption…
From @tutsplus: “TutsPlus: Secure, Passwordless Authentication Using Auth0” code.tutsplus.com/tutorials/secu…
From the @Zend blog: “Zend Framework: ACLs for users with multiple roles” blog.zend.com/2018/07/05/zen…
If you’re interested in PHP security and are a reddit fan, be sure to add /r/phpsec to your subscription list! reddit.com/r/phpsec
From @ripstech: “RIPS becomes Joomla! Official Code Analysis Partner” blog.ripstech.com/2018/rips-beco…
Just posted: "Keeping Credentials Secure in PHP" websec.io/2018/06/14/Kee…
Leverage zend-input-filter to validate your API data in ANY application! framework.zend.com/blog/2017-06-1… #php #security #api
From the Symfony Blog: “CVE-2018-11408: Open redirect vulnerability on security handlers (Symfony Blog)” symfony.com/blog/cve-2018-…
From @sitepoint: “How to Fix Magento Login Issues with Cookies and Sessions” sitepoint.com/fix-magento-lo…
From @marcelpociot: “A .env replacement for storing your production credentials in your Laravel application” marcelpociot.de/blog/laravel-e…
From @drupalsecurity: “Drupal 7 and 8 core highly critical release on March 28th, 2018 PSA-2018-001” drupal.org/psa-2018-001
From @the_yellow_fall: “[Bypass WAF] Php webshell without numbers and letters” securityonline.info/bypass-waf-php…
Using Canaries for Input Detection and Response: The Canary PHP library combines input matching and automatic ...: fdlr.io/bfk
From @Scott_Helme: “A new security header: Referrer Policy” scotthelme.co.uk/a-new-security…
Regular readers will know how fond I am of the existing security headers so I'm pleased to announce we have another!
From the @symfony blog: “New in Symfony 4.1: Validator improvements” symfony.com/blog/new-in-sy…
Today’s a special day! @nomadphp and several PHP community authors (including myself) have teamed up to create a great ebook deal - Five for $30! nomadphp.com/product/five-3… #five4thirty #ebook
From @thepinecode: “Easy Role Management with Pivot Models” pineco.de/easy-role-mana… #laravel
If you have ever developed any kind of SaaS app (like Spark), you know what team level role management means. Instead of picking a bad strategy for handling roles, we can bring simple solution by…
@contrastsec has posted their latest “AppSec Threat Intelligence Report” (January 2018) contrastsecurity.com/security-influ…