[Owasp Source Flaws Top 10] how to evaluate risk from content management system--cms
Paolo Perego
thesp0nge at owasp.org
Fri Jul 30 10:11:05 EDT 2010
Hi Yi, this project was intended to track the 10 most present
vulnerabilities in a source code... the 10 worst programmer behavior.
However since this project is not intended to live anymore (due to
lack of usefulness), I kindly ask Paulo who is reading in cc to shut
it down.
Paolo
On Fri, Jul 30, 2010 at 3:47 PM, Yi Li <yi.li26 at gmail.com> wrote:
> will appreciate if anyone could share thoughts on how to evaluate the
> risk from 'content management system' CMS.
> the component of CMS that I would like to evaluate is the component
> that generate content for the web server, which is installed on the
> application server, which is usually done by install a library of CMS on
> E-comm's application server. assume there is a coding flaws in the code in
> this component, such as sql injection, my question is how to evaluate
> whether such vulnerabilities will open doors for hackers to attack the web
> applications deployed on the same application server, or such
> vulnerabilities will only endanger the CMS functionality.
> thanks.
>
> _______________________________________________
> Owasp-source-code-flaws-top-10 mailing list
> Owasp-source-code-flaws-top-10 at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-source-code-flaws-top-10
>
>
--
"... static analysis is fun, again!"
OWASP Orizon project leader, http://github.com/owasp-orizon
Owasp Italy R&D director
More information about the Owasp-source-code-flaws-top-10
mailing list