
Ask HN: What were some of the more devastating PHP exploits? - GigabyteCoin
I am re-writing an old website of mine in PHP. I am curious what some of the worst PHP security exploits are that have been found in the recent past.
======
csixty4
PHP itself has been pretty secure for a while. If you're concerned about
security within your application, go with a framework that handles things like
database access for you.

The biggest thing to watch out for is SQL injection. There's so much old,
viulnerable PHP code out there - and much of it in the examples people put out
there for beginners!

OWASP has a PHP Security Cheat Sheet you might find helpful:
[https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet](https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet)

~~~
GigabyteCoin
Thank you for your insightful comment. I am reading through the owasp web page
you linked right now.

