Exposição de PHP

Programming languages

829

score de exposição

4.550.434

sites usam

2

em exploração

43

críticos

CVEs

1.079 resultados

CVE-2020-7067HIGHOOB Read in urldecode()EPSS 4.3%CVE-2020-7064MEDIUMUse-of-uninitialized-value in exifEPSS 4.3%CVE-2019-11049MEDIUMmail() may release string with refcount==1 twiceEPSS 4.1%CVE-2019-11046LOWBuffer underflow in bc_shift_addsubEPSS 4.1%CVE-2019-11034MEDIUMHeap over-read in PHP EXIF extensionEPSS 4.0%CVE-2019-11040MEDIUMHeap buffer overflow in EXIF extensionEPSS 4.0%CVE-2020-7061MEDIUMheap-buffer-overflow in phar_extract_fileEPSS 3.9%CVE-2011-1939—SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conEPSS 3.9%CVE-2024-8926HIGHPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)EPSS 3.7%CVE-2020-7062HIGHNull Pointer Dereference in PHP Session Upload ProgressEPSS 3.5%CVE-2021-32708CRITICALTime-of-check Time-of-use (TOCTOU) Race Condition in league/flysystemEPSS 3.5%CVE-2016-9483—PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to unsafe deserialization of untrusted dataEPSS 3.5%CVE-2022-31625HIGHFreeing unallocated memory in php_pgsql_free_params()EPSS 3.4%CVE-2013-4454—WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass VulnerabilitiesEPSS 3.4%CVE-2016-9492—PHP forms generated using the PHP FormMail Generator are vulnerable to unrestricted upload of dangerous file typesEPSS 3.4%CVE-2014-3622—Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackerEPSS 3.1%CVE-2021-21702MEDIUMNull Dereference in SoapClientEPSS 3.1%CVE-2020-5616—[Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free editionEPSS 3.1%CVE-2023-1211HIGH SQL Injection in phpipam/phpipamEPSS 3.0%CVE-2019-11039MEDIUMOut-of-bounds read in iconv.cEPSS 3.0%

← anteriorpágina 3 / 54próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →