Introduction
Your Joomla! site may be vulnerable to several types of attack, such as CSRF, Buffer Overflows, Blind SQL Injection, Denial of Service, and others that are yet to be found. SQL Injections and Remote File Inclusions (RFIs), being very popular, are covered in this chapter.
Note
The top issues in PHP-based websites are:
Incorrect or invalid (intentional or unintentional) input
Access control vulnerabilities
Session hijacks and attempts on session IDs
SQL Injection and Blind SQL Injection
Incorrect or ignored PHP configuration settings
Divulging too much in error messages and poor error handling
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF), also known as a one-click attack