Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Survey of 58K PHP sites: 80% highly vulnerable (

workie writes: Comparing the PHP version used by 58,000 PHP websites to the public vulnerability data at the National Vulnerability Database (NVD) reveals that 80% of the surveyed websites have the worst possible Common Vulnerability Scoring System (CVSS) score of 10. PHP utilization data shows that website owners are not upgrading their software packages once they initially setup their website. Further data shows that nearly all versions of PHP (as well as most other software systems) are vulnerable. If all software has vulnerabilities (and it appears that they do), and no one (website owners and maintainers) are updating their software once they install it (which this data implies), then the result is that all websites that are more than one release cycle old are vulnerable.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Survey of 58K PHP sites: 80% highly vulnerable

Comments Filter:

Wasn't there something about a PASCAL programmer knowing the value of everything and the Wirth of nothing?