http://www.erata.net If we don't have the solution you have the wrong problem Thu, 17 Nov 2011 11:12:57 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 http://www.erata.net/security/wordpress-exploit-scanner-plugin/ http://www.erata.net/security/wordpress-exploit-scanner-plugin/#comments Tue, 03 Mar 2009 08:45:30 +0000 Iulian Margarintescu http://www.erata.net/?p=65 this plugin and i would like to share with everybody since it may help secure the web. This plugin scans the wordpress installation folder for paterns usualy found in exploits/throjans/malware web scripts. The plugin produces quite a few false positive alerts but also it's very easy to spot suspicious code in suspicious files. It would be nice if read full article]]> http://www.erata.net/security/wordpress-exploit-scanner-plugin/feed/ 0 http://www.erata.net/security/i-gave-up-on-coppermine-gallery/ http://www.erata.net/security/i-gave-up-on-coppermine-gallery/#comments Fri, 27 Feb 2009 16:14:33 +0000 Iulian Margarintescu http://www.erata.net/?p=60 Coppermine Photo Gallery for http://gallery.erata.net but today i've decided to close it down. The number of vulnerabilities ( most of them critical ) discovered over the years got me thinking. You can see what i mean here http://www.milw0rm.com/search.php?dong=coppermine. 3 vulnerabilities found in the first two months of 2009.  4 in 2008. This remembers me of read full article]]> http://www.erata.net/security/i-gave-up-on-coppermine-gallery/feed/ 1 http://www.erata.net/security/web-application-security-flows/ http://www.erata.net/security/web-application-security-flows/#comments Thu, 12 Oct 2006 12:07:06 +0000 Iulian Margarintescu http://www.erata.net/weblog/projects/2006/10/12/web-application-security-flows/ Intro First i must say that this will not be a way to prove that your application is secure, it will only be a quick & dirty way of finding common bugs in web applications. The following will be a few techniques that i tend to use the first time i see an web application ( and generally a database application ). I will use PHP for the few code examples but the vulnerabilities presented are not limited to PHP, in fact are independent of the server-side programming language used. read full article]]> http://www.erata.net/security/web-application-security-flows/feed/ 0