Improper Error Handling

This topic is locked

Improper Error Handling	11/26/2020 4:58:13 AM
PHPRunner General questions
M m.salahi author ho every one how i can slove this Vulnerability Details affected URLs: ip/moraqeb/get-supervisors.php?sid=721 ip/moraqeb/get-reg-counter.php?lid=721 ip/moraqeb/get-camp-counter.php?lid=721 ip/moraqeb/get-districts.php?sid=2041 ip/moraqeb/distribute_stores_print.php?eid=1688 General Overview Return details if an internal error occurred. Such details typically include a stacktrace. These details are useful during development and debugging, but once the application is deployed, it is important that such details do not find their wayto regular users because the details may include information about the implementation and could expose vulnerabilities Recommendations Develop generic error message for all errors. Use structured exception handling (try/catch). https://docs.microsoft.com/en-us/aspnet/web-forms/overview/getting-started/gettingstarted-with-aspnet-45-web-forms/aspnet-error-handling https://www.codeproject.com/articles/15146/exception-handling-in-c-and-asp-net https://www.tutorialspoint.com/asp.net/asp.net_error_handling.htm

Mark as Solved Mark as not solved

2 replies


M	MikeT 11/26/2020
	see here https://xlinesoft.com/phprunner/docs/error_reporting.htm And make sure that you don't have debug mode activated in a production version (see manual).


	Admin 11/26/2020
	What does this have to do with PHPRunner?

2 replies

Mark as Solved Reply