Exposure of PHP
Programming languages829
exposure score
4,550,434
sites use
2
exploited
43
critical
CVEs
1,079 resultsCVE-2019-11036MEDIUMHeap over-read in PHP EXIF extensionEPSS 6.8%CVE-2019-11048MEDIUMTemporary files are not cleaned after OOM when parsing HTTP request dataEPSS 6.3%CVE-2023-0527LOWPHPGurukul Online Security Guards Hiring System search-request.php cross site scriptingEPSS 6.2%CVE-2021-37704MEDIUMExposed phpinfo() in PhpFastCacheEPSS 6.1%CVE-2023-53941CRITICALEasyPHP Webserver 14.1 Remote Code ExecutionEPSS 5.7%CVE-2023-4116MEDIUMPHP Jabbers Taxi Booking index.php cross site scriptingEPSS 5.2%CVE-2023-4115MEDIUMPHP Jabbers Cleaning Business index.php cross site scriptingEPSS 5.2%CVE-2023-4112MEDIUMPHP Jabbers Shuttle Booking Software index.php cross site scriptingEPSS 5.2%CVE-2023-4113MEDIUMPHP Jabbers Service Booking Script index.php cross site scriptingEPSS 5.2%CVE-2019-11044LOWlink() silently truncates after a null byte on WindowsEPSS 5.1%CVE-2023-4114MEDIUMPHP Jabbers Night Club Booking Software index.php cross site scriptingEPSS 5.1%CVE-2020-7070MEDIUMPHP parses encoded cookie names so malicious `__Host-` cookies can be sentEPSS 5.0%CVE-2020-7065HIGHmb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_fullEPSS 4.7%CVE-2016-9482—PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypassEPSS 4.7%CVE-2022-29221HIGHPHP Code Injection by malicious block or filename in SmartyEPSS 4.5%CVE-2016-9484—PHP FormMail Generator generates PHP code for standard web forms, and the code generated does not properly validate user input folder directories and is vulnerable to path traversalEPSS 4.4%CVE-2019-11042MEDIUMheap-buffer-overflow on exif_process_user_comment in EXIF extensionEPSS 4.4%CVE-2019-11041MEDIUMheap-buffer-overflow on exif_scan_thumbnail in EXIF extensionEPSS 4.4%CVE-2019-11038LOWUninitialized read in gdImageCreateFromXbmEPSS 4.3%CVE-2019-11035MEDIUMHeap over-read in PHP EXIF extensionEPSS 4.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →