ln -s “Exploiting Memory Corruption Bugs in PHP” .


An excellent series of three blog posts on this topic.

ln -s “Why File Upload Forms Are a Major Security Threat” .


A good article about the danger of providing file upload functionality in a web application, and how some of the security mechanisms (such as MIME-type and extension filtering) can actually be bypassed.

ln -s “Everything You Wanted to Know About SQL Injection (But Were Afraid to Ask)” .


This is not an in-depth instruction manual on SQL injection, nor an introduction to cutting-edge exploitation techniques. Nevertheless, it is a very good primer on the concepts and basics of SQL injection.