March 30, 2010, 3:02PM
PHP Session IDs Can Be Guessed
Comment 
Security expert Andreas Bogk warns that, despite recent PHP
improvements, the session IDs of users who are logged into PHP
applications remain guessable. Upon close examination, the alleged
improvements display frightening weaknesses. Read the full article. [The H Security]
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
- Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit
- New Tool Will Automate Password Cracks on Common SCADA Product
- How Offensive Research Drives Down the Cost of Attacks
- Researchers Dump Trove of 0Days For Popular Android Applications
- Citadel Malware Authors Adopt Open-Source Development Model
Most Commented Stories
-
Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit (7)
-
Apple Ships Huge Set of Patches for OS X (7)
-
Privacy Fail: Is Uncle Sam Encouraging Bad Security? (8)
-
Flash With Sandbox in the Works for Firefox (4)
-
Twenty Something Asks Facebook For His File And Gets It - All 1,200 Pages (55)
Newsletter Sign-up
Take Our Poll
Follow Threatpost
 |  |  |  |
| Tumblr |
