[Owasp Source Flaws Top 10] how to evaluate risk from content management system--cms
yi.li26 at gmail.com
Fri Jul 30 11:09:39 EDT 2010
thanks. which email-list should I send to then?
the 'owasp-all' does not accept the email as well
On Fri, Jul 30, 2010 at 10:11 AM, Paolo Perego <thesp0nge at owasp.org> wrote:
> Hi Yi, this project was intended to track the 10 most present
> vulnerabilities in a source code... the 10 worst programmer behavior.
> However since this project is not intended to live anymore (due to
> lack of usefulness), I kindly ask Paulo who is reading in cc to shut
> it down.
> On Fri, Jul 30, 2010 at 3:47 PM, Yi Li <yi.li26 at gmail.com> wrote:
> > will appreciate if anyone could share thoughts on how to evaluate
> > risk from 'content management system' CMS.
> > the component of CMS that I would like to evaluate is the component
> > that generate content for the web server, which is installed on the
> > application server, which is usually done by install a library of CMS on
> > E-comm's application server. assume there is a coding flaws in the code
> > this component, such as sql injection, my question is how to evaluate
> > whether such vulnerabilities will open doors for hackers to attack the
> > applications deployed on the same application server, or such
> > vulnerabilities will only endanger the CMS functionality.
> > thanks.
> > _______________________________________________
> > Owasp-source-code-flaws-top-10 mailing list
> > Owasp-source-code-flaws-top-10 at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-source-code-flaws-top-10
> "... static analysis is fun, again!"
> OWASP Orizon project leader, http://github.com/owasp-orizon
> Owasp Italy R&D director
> Owasp-source-code-flaws-top-10 mailing list
> Owasp-source-code-flaws-top-10 at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-source-code-flaws-top-10