Tag: security
Insecure Deserialization
Deserializing attacker-controlled data lets the attacker instantiate any class in the loaded class graph with properties of their choosing; magic methods such as __wakeup(), __destruct() and __toString() then run without the application ever calling them. PHP's unserialize() on untrusted input is the classic case: chaining existing application or library classes (a gadget chain) turns that into arbitrary file operations or remote code execution. Pass ['allowed_classes' => false] (PHP 7.0+) or use a data-only format such as JSON for untrusted input.
CWE-502 OWASP A8:2021
1mo ago
security advanced
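The gadget-chain mechanism described above, as an added example that is not code from the original page: `TempFile` is a hypothetical application class whose `__destruct()` is the gadget, the serialized payload is constructed here, and the three loaders show plain `unserialize()` beside the `allowed_classes` and JSON alternatives.

```php
<?php
// Added example (not from the page). TempFile is a hypothetical application
// class; its __destruct() is the single gadget this chain needs.
declare(strict_types=1);

class TempFile
{
    public function __construct(public string $path) {}

    // PHP calls this when the object is freed, including for objects that
    // unserialize() built from attacker-controlled bytes.
    public function __destruct()
    {
        if (is_file($this->path)) {
            unlink($this->path);
        }
    }
}

// Constructed attacker payload: a TempFile pointing at a file the attacker
// wants removed. The constructor is never invoked; properties are set directly.
function buildPayload(string $victimPath): string
{
    return 'O:8:"TempFile":1:{s:4:"path";s:' . strlen($victimPath) . ':"' . $victimPath . '";}';
}

// VULNERABLE: every loaded class is instantiable, so the payload's
// __destruct() runs as soon as the returned object is discarded.
function loadVulnerable(string $untrusted): mixed
{
    return unserialize($untrusted);
}

// HARDENED (PHP 7.0+): objects come back as __PHP_Incomplete_Class, whose
// magic methods never run. Scalars and arrays still round-trip normally.
function loadHardened(string $untrusted): mixed
{
    return unserialize($untrusted, ['allowed_classes' => false]);
}

// PREFERRED for untrusted input: a data-only format with no object model.
function loadJson(string $untrusted): array
{
    return json_decode($untrusted, true, 512, JSON_THROW_ON_ERROR);
}

// Demo against a throwaway file so the effect is visible without harm.
$victim  = tempnam(sys_get_temp_dir(), 'victim');
$payload = buildPayload($victim);

loadHardened($payload);
echo 'after allowed_classes=false: ', is_file($victim) ? "file intact\n" : "file deleted\n";

loadVulnerable($payload);   // return value dropped immediately -> __destruct()
echo 'after plain unserialize:     ', is_file($victim) ? "file intact\n" : "file deleted\n";

var_dump(loadJson('{"path":"/etc/passwd"}'));   // just an array; nothing executes
```

Note that `allowed_classes => false` only stops object instantiation; it does not make `unserialize()` a safe parser for hostile input in general, which is why the JSON loader is the recommended shape for anything that crosses a trust boundary.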
Insecure Randomness PHP 7.0+
Using non-cryptographic random functions (rand(), mt_rand(), array_rand(), uniqid()) for security tokens. Their output is predictable: the Mersenne Twister state can be recovered from a few observed values, and a clock-derived seed can be brute-forced outright, which enables token forgery, session prediction and CSRF bypass. Use random_int() and random_bytes() (PHP 7.0+) instead.
2mo ago
security intermediate
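The seed-recovery attack sketched above, as an added example that is not code from the original page: `WeakTokenIssuer` is a hypothetical component that seeds mt_rand() once from the clock, the attacker brute-forces that seed from a single token they were legitimately issued, then predicts the tokens handed to later users. The CSPRNG replacement is shown alongside.

```php
<?php
// Added example (not from the page). WeakTokenIssuer is a hypothetical
// application component; the timing values are constructed for the demo.
declare(strict_types=1);

final class WeakTokenIssuer
{
    public function __construct(int $seed)
    {
        mt_srand($seed);   // Mersenne Twister: 32-bit seed, fully deterministic
    }

    public function issue(): string
    {
        return sprintf('%08x', mt_rand());
    }
}

// Attacker side: given one observed token and a rough idea of when the
// process started, try every seed in a time window until one reproduces it.
function recoverSeed(string $observed, int $approxStart, int $windowSecs): ?int
{
    for ($seed = $approxStart - $windowSecs; $seed <= $approxStart + $windowSecs; $seed++) {
        mt_srand($seed);
        if (sprintf('%08x', mt_rand()) === $observed) {
            return $seed;
        }
    }
    return null;
}

// Replay the generator from the recovered seed, skipping tokens already
// issued, to obtain the ones given to other users.
function predictTokens(int $seed, int $skip, int $count): array
{
    mt_srand($seed);
    for ($i = 0; $i < $skip; $i++) {
        mt_rand();
    }
    $out = [];
    for ($i = 0; $i < $count; $i++) {
        $out[] = sprintf('%08x', mt_rand());
    }
    return $out;
}

// FIXED (PHP 7.0+): random_bytes() reads the OS CSPRNG; there is no seed
// to recover and no internal state an observer can reconstruct.
function strongToken(): string
{
    return bin2hex(random_bytes(16));   // 128 bits, 32 hex characters
}

// Constructed scenario: server seeded ~97 s ago; attacker gets one token,
// then two other users get theirs.
$startedAt = time() - 97;
$issuer    = new WeakTokenIssuer($startedAt);
$mine      = $issuer->issue();
$victims   = [$issuer->issue(), $issuer->issue()];

$seed = recoverSeed($mine, time(), 600);   // search +/- 10 minutes
if ($seed === null) {
    echo "seed not in window\n";
    exit(1);
}
echo "recovered seed: {$seed} (actual {$startedAt})\n";
echo 'predicted:      ', implode(' ', predictTokens($seed, 1, 2)), "\n";
echo 'actual:         ', implode(' ', $victims), "\n";
echo 'strong token:   ', strongToken(), "\n";
```

The explicit `mt_srand(time())` is the simplest failure mode; even when PHP seeds mt_rand() itself, the generator's 624-word state is fully determined by its outputs, so an attacker who can collect enough values can reconstruct it without any seed search. Only random_int()/random_bytes() remove that property.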
Input Validation vs Output Encoding PHP 5.0+
Validation decides whether the input is acceptable to the application at all (type, length, format, allow-list) and rejects what is not; output encoding escapes data for the specific context it is rendered in (HTML text, attribute, URL parameter, JavaScript string). Both are required: legitimate input such as a name containing an apostrophe or an ampersand passes validation and still breaks, or injects into, the output context unless it is encoded for that context.
2mo ago
general beginner
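The split between the two controls, as an added example that is not code from the original page: the validation and encoding helpers are hypothetical, and the display name is a constructed input that is legitimate yet carries characters significant in HTML, URLs and JavaScript, so it must pass validation and still be encoded per context.

```php
<?php
// Added example (not from the page). All helpers are hypothetical; the input
// is constructed to be valid while containing context-significant characters.
declare(strict_types=1);

// VALIDATION: is the value acceptable at all? A display name legitimately
// contains apostrophes, ampersands and angle brackets, so the rule is about
// length and well-formed, printable UTF-8, not about "dangerous" characters.
function validateDisplayName(string $raw): string
{
    $trimmed = trim($raw);
    if (!mb_check_encoding($trimmed, 'UTF-8')) {
        throw new InvalidArgumentException('display name is not valid UTF-8');
    }
    if ($trimmed === '' || mb_strlen($trimmed, 'UTF-8') > 40) {
        throw new InvalidArgumentException('display name must be 1-40 characters');
    }
    if (preg_match('/\p{C}/u', $trimmed)) {
        throw new InvalidArgumentException('display name contains control characters');
    }
    return $trimmed;
}

// Where the domain allows a strict allow-list, validation alone yields a value
// that is safe in every context: a numeric user id.
function validateUserId(string $raw): int
{
    if (!preg_match('/^[1-9][0-9]{0,9}$/', $raw)) {
        throw new InvalidArgumentException('user id must be a positive integer');
    }
    return (int) $raw;
}

// OUTPUT ENCODING: one encoder per rendering context.
function forHtmlText(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function forUrlParam(string $s): string
{
    return rawurlencode($s);   // encodes one query value, never a whole URL
}

function forJsString(string $s): string
{
    // json_encode returns a quoted JS string literal; the HEX flags keep
    // "</script>" and quote characters inert even inside an inline <script>.
    return json_encode(
        $s,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
            | JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR
    );
}

// Constructed input: passes validation, would break every context if pasted raw.
$name = validateDisplayName("  O'Brien & Sons <script>alert(1)</script>  ");
$id   = validateUserId('42');

echo '<p>Hello, ', forHtmlText($name), "</p>\n";
echo '<a href="/profile?id=', $id, '&amp;ref=', forUrlParam($name), "\">profile</a>\n";
echo '<script>var who = ', forJsString($name), ";</script>\n";

// Rejected by validation, never reaches an encoder:
try {
    validateUserId('42 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

The name passes validation because nothing in it is wrong for a name; each `echo` then applies the encoder matching the surrounding syntax. The user id is the contrast case: a strict numeric allow-list leaves nothing to encode, which is why validation is sufficient there and not for free text.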