Tag: OWASP 2010 A4 – Insecure Direct Object References
OWASP A4 – Insecure Direct Object References with PHP
Direct object references occur when an application lets a user provide an actual database key, file name, URL, etc. as input, and the user obtains access to data as a result. Our example on OWASP A10 is a case of providing a direct object reference. In our post, the final solution enables the user to supply…