Millions of websites vulnerable: Veracode

Millions of websites vulnerable: Veracode
Millions of websites vulnerable: Veracode

A recent study by Veracode shows four of five applications written using PHP, Classic ASP and Cold Fusion will fail an Open Web Application Security Project Top 10 test, which raises a concern over the vulnerability of the vast majority of websites today.

The research firm's study found that 86 percent of PHP-based apps have at least one Cross-Site Scripting vulnerability and 56 percent have at least one SQL injection. This is a major issue because PHP-based software is heavily used by the top three content management systems, Drupal, WordPress and Joomla.

In addition, Veracode said similar vulnerability trends can be seen with Classic ASP and Cold Fusion and that those languages are twice as likely to contain these problems as compared to modern languages like .net and Java.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS