PHP Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by php
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Unsecured CGI Path Splitting in FrankenPHP Affects PHP Application Servers
CVE-2026-24895PHPFrankenPHP8.9HIGHSession Management Flaw in FrankenPHP Affects Multiple Versions
CVE-2026-24894PHPFrankenPHP8.7HIGHRemote Code Execution in PHP-Fusion 9.03.50 by PHP-Fusion
CVE-2020-37137PHP FusionPHP Fusion👾🟡8.6HIGHNull Pointer Dereference in PHP PDO PostgreSQL Driver
CVE-2025-14180PHP GroupPHP8.2HIGHArbitrary File Upload in PHP Volunteer Management System by PHP Volunteer
CVE-2012-10056PHP Volunteer Man...PHP Volunteer Management👾🟡EPSS 32%8.7HIGHPHP Code Execution Vulnerability in PHP-Charts by PHP-Charts.com
CVE-2013-10070PHP-chartsPHP-charts👾🟡EPSS 58%10CRITICALSQL Injection Vulnerability in Employee Record Management System by PHP and MySQL
CVE-2025-45065PHP and MySQLEmployee Record Manage...9.8CRITICALSQL Injection Vulnerability in Student Record System by PHP Gurukul
CVE-2024-27685PHP GurukulStudent Record System7.1HIGHUse-After-Free Vulnerability in PHP Products by PHP Group
CVE-2024-11235PHP GroupPHP9.2CRITICALSQL Injection Vulnerability in PHPGurukul Human Metapneumovirus Testing Management System
CVE-2025-2373PHP GurukulHuman Metapneumovirus ...8.8HIGHSQL Injection Risk in PHP SQLite Driver for PHP Versions
CVE-2022-31631PHP GroupPHP9.1CRITICALUncontrolled Long String Inputs to ldap_escape() Function on 32-bit Systems Can Cause Integer Overflow and Out-of-Bounds Write
CVE-2024-11236PHP GroupPHP9.8CRITICALUncontrolled Long String Inputs Can Cause Integer Overflow and Out-of-Bounds Write in PHP
CVE-2024-8932PHP GroupPHP9.8CRITICALHTTP_REDIRECT_STATUS variable manipulation can lead to arbitrary file inclusion in PHP
CVE-2024-8927PHP GroupPHP7.5HIGHCVE-2024-4577 Vulnerability in PHP Could Allow Command Injection and Source Code Revelation
CVE-2024-8926PHP GroupPHP8.1HIGHSQL Injection Vulnerability in Daily Expenses Management System by PHP Gurukul
CVE-2024-29390PHP GurukulDaily Expenses Managem...7.3HIGHSQL Injection Vulnerability in Online Bookstore Project
CVE-2024-37848Online-Bookstore-...Online-Bookstore-Proje...8.4HIGHPHP CGI Module Vulnerability Allows Malicious User to Reveal Source Code and Run Arbitrary PHP Code on Server
CVE-2024-4577PHP GroupPHP🥇📈💰👾🟡EPSS 94%🦅📰9.8CRITICALTrailing spaces in command names can lead to arbitrary command execution in PHP
CVE-2024-5585PHP GroupPHP7.7HIGHSmarty Template Engine Vulnerability Affects Sites, Update ASAP
CVE-2024-35226Smarty-PHPSmarty7.3HIGHArbitrary Command Execution Vulnerability in PHP Proc Open Function
CVE-2024-1874PHP GroupPHP👾🟡EPSS 63%📰9.4CRITICALEndless Loop in mb_encode_mimeheader Function Could Lead to DoS Attack
CVE-2024-2757PHP GroupPHP7.5HIGHRemote Privilege Escalation and Sensitive Information Theft via Task ID Parameter in PHP Task Management System
CVE-2024-28613PHP Task Manageme...PHP Task Management Sy...9.8CRITICALSQL Injection Vulnerability Discovered in Student Enrollment System
CVE-2023-41503PHPStudent Enrollment9.8CRITICALArbitrary File Upload Vulnerability in Student Enrollment In PHP
CVE-2023-41506Student Enrollmen...Student Enrollment In PHP9.8CRITICAL