How can I check whether a script available on the internet is insecure?

Using scripts in your account that are insecure (vulnerabilities unpatched) is very dangerous. Doing so runs the risk of account suspension or exploit from a third party which can cause total account compromise, data loss or account suspension/termination (if used by the person for warez, spam, etc).

Therefore, it is extremely important that all scripts in use are the latest version and secure.

A good way of determining whether a script is secure is to type the script name into http://www.google.com along with the word "exploit" which will bring up any security topics associated with the script that can be researched. For example, a search on PHP-Nuke can be seen here.

  • 19 Users Found This Useful
Was this answer helpful?

Related Articles

How do I test Python to make sure it is working for my account?

The following will allow you to create a test script to ensure Python is working on your account...

How do I parse PHP in HTML pages?

If you wish parse PHP in your HTML pages you need to add the following line you the .htaccess...

How do I use the Ioncube loaders?

The Ioncube loaders are installed and ready for use so you don't need to do anything to use them.

Is PHP ran as an Apache module or as CGI?

We run suPHP on our servers, so PHP is running as CGI.

Can I run PHP scripts anywhere on my web space?

You can run PHP scripts anywhere on your web space with the exception of the "cgi-bin".