Well i am studying about web security. I have found some threats that developer should take care while coding.
1) Validate user input
2) SQL Injection
3) Cross -site scripting
I would like to ask that Are there other threats than the above mentioned?
If there then please tell me as i am preparing one document on web security and i would like to cover all the threats that one would face.
if you're refering to security in general, that's a whole ocean (see hacking)
as far as coding via a server-side language, such as PHP, you have the basics down. Those three are the major ones.
This may or may not fall under user input, but also there is session/cookie security If an application relies on it.
You could also add more security measures against brute force attacks. For example you could block someone's IP if they attempted to log in 20 times during 1 day and failed. Although the hacker can change his IP, this will cripple his brute force attack.
Another thing is have passwords be longer than 6 characters containing more than just plain characters but special characters and numbers as well.
Good luck on your paper,
Dan