{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T05:08:25Z","timestamp":1750136905659},"publisher-location":"Berlin, Heidelberg","reference-count":10,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642342097"},{"type":"electronic","value":"9783642342103"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-34210-3_3","type":"book-chapter","created":{"date-parts":[[2012,10,9]],"date-time":"2012-10-09T14:24:57Z","timestamp":1349792697000},"page":"31-46","source":"Crossref","is-referenced-by-count":12,"title":["THAPS: Automated Vulnerability Scanning of PHP Applications"],"prefix":"10.1007","author":[{"given":"Torben","family":"Jensen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Heine","family":"Pedersen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mads Chr.","family":"Olesen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ren\u00e9 Rydhof","family":"Hansen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"3_CR1","doi-asserted-by":"crossref","unstructured":"Ashcraft, K., Engler, D.R.: Using programmer-written compiler extensions to catch security holes. In: Proc. IEEE Symposium on Security and Privacy (S&P 2002), pp. 143\u2013159 (2002)","DOI":"10.21236\/ADA419600"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Huang, Y.-W., Yu, F., Hang, C., Tsai, C.-H., Lee, D.-T., Kuo, S.-Y.: Securing web application code by static analysis and runtime protection. In: Proceedings of the 13th International Conference on World Wide Web (WWW 2004), pp. 40\u201352 (2004)","DOI":"10.1145\/988672.988679"},{"key":"3_CR3","unstructured":"Jensen, T., Pedersen, H.: THAPS\u2014Analysis of PHP web applications. Master\u2019s thesis, Department of Computer Science, Aalborg University, Denmark (2012), http:\/\/plazm.dk\/THAPS%20-%20detection%20of%20web%20application%20vulnerabilities.pdf"},{"key":"3_CR4","unstructured":"Benjamin Livshits, V., Lam, M.S.: Finding security vulnerabilities in Java applications with static analysis. In: Proceedings of the 14th USENIX Security Symposium. USENIX (2005)"},{"key":"3_CR5","unstructured":"Martin, B., Browne, M., Paller, A., Kirby, D.: 2011 CWE\/SANS top 25 most dangerous software errors (September 2011), http:\/\/cwe.mitre.org\/top25\/index.html (last accessed June 10, 2012)"},{"issue":"12","key":"3_CR6","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1145\/96267.96279","volume":"33","author":"B.P. Miller","year":"1990","unstructured":"Miller, B.P., Fredrikson, L., So, B.: An empirical study of the reliability of unix utilities. Comm. of the ACM\u00a033(12), 32 (1990)","journal-title":"Comm. of the ACM"},{"key":"3_CR7","unstructured":"Newsome, J., Song, D.X.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2005 (2005)"},{"key":"3_CR8","unstructured":"Pedersen, H., Jensen, T.: A study of web application vulnerabilities and vulnerability detection tools. Project report (sw9), Department of Computer Science, Aalborg University (2011), http:\/\/plazm.dk\/A%20study%20of%20web%20application%20vulnerabilities%20and%20vulnerability%20detection%20tools.pdf"},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: Proc. IEEE Symposium on Security and Privacy (S&P 2010), pp. 317\u2013331 (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"3_CR10","unstructured":"Xie, Y., Aiken, A.: Static detection of security vulnerabilities in scripting languages. In: Proceedings of the 15th USENIX Security Symposium. USENIX (August 2006)"}],"container-title":["Lecture Notes in Computer Science","Secure IT Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-34210-3_3.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T03:13:29Z","timestamp":1606187609000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-34210-3_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642342097","9783642342103"],"references-count":10,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-34210-3_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}