PHP Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by php
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Use-After-Free Vulnerability in PHP Products by PHP Group
CVE-2024-11235PHP GroupPHP9.2CRITICALSQL Injection Vulnerability in PHPGurukul Human Metapneumovirus Testing Management System
CVE-2025-2373PHP GurukulHuman Metapneumovirus ...8.8HIGHSQL Injection Risk in PHP SQLite Driver for PHP Versions
CVE-2022-31631PHP GroupPHP9.1CRITICALPotential Security Vulnerability in PHP Streams with Configured Proxy and 'request_fulluri' Option
CVE-2024-11234PHPPHP7.2HIGHUncontrolled Long String Inputs to ldap_escape() Function on 32-bit Systems Can Cause Integer Overflow and Out-of-Bounds Write
CVE-2024-11236PHPPHP9.8CRITICALBuffer Overread Vulnerabilities in PHP Could Lead to Crashes or Memory Disclosure
CVE-2024-11233PHP GroupPHP8.2HIGHUncontrolled Long String Inputs Can Cause Integer Overflow and Out-of-Bounds Write in PHP
CVE-2024-8932PHP GroupPHP9.8CRITICALHTTP_REDIRECT_STATUS variable manipulation can lead to arbitrary file inclusion in PHP
CVE-2024-8927PHP GroupPHP7.5HIGHCVE-2024-4577 Vulnerability in PHP Could Allow Command Injection and Source Code Revelation
CVE-2024-8926PHP GroupPHP8.8HIGHSQL Injection Vulnerability in Daily Expenses Management System by PHP Gurukul
CVE-2024-29390PHP GurukulDaily Expenses Managem...7.3HIGHPHP CGI Module Vulnerability Allows Malicious User to Reveal Source Code and Run Arbitrary PHP Code on Server
CVE-2024-4577PHP GroupPHP๐ฅ๐๐ฐ๐พ๐กEPSS 94%๐ฆ ๐ฐ9.8CRITICALTrailing spaces in command names can lead to arbitrary command execution in PHP
CVE-2024-5585PHP GroupPHP7.7HIGHSmarty Template Engine Vulnerability Affects Sites, Update ASAP
CVE-2024-35226Smarty-PHPSmarty7.3HIGHArbitrary Command Execution Vulnerability in PHP Proc Open Function
CVE-2024-1874PHP GroupPHP๐พ๐กEPSS 42%๐ฐ9.4CRITICALEndless Loop in mb_encode_mimeheader Function Could Lead to DoS Attack
CVE-2024-2757PHP GroupPHP7.5HIGHRemote Privilege Escalation and Sensitive Information Theft via Task ID Parameter in PHP Task Management System
CVE-2024-28613PHP Task Manageme...PHP Task Management Sy...9.8CRITICALSQL Injection Vulnerability Discovered in Student Enrollment System
CVE-2023-41503PHPStudent Enrollment9.8CRITICALSQL Injection Vulnerability in Task Manager App by Burak Sevben
CVE-2024-25220Task Manager In P...Task Manager In PHP Wi...9.8CRITICALSQL Injection Vulnerability in Task Manager App by Burak Sevben
CVE-2024-25222Task Manager In P...Task Manager In PHP Wi...9.8CRITICALTiming Side Channel Vulnerability in php-jwt
CVE-2024-25191php-jwtPHP-jwt9.8CRITICALSQL Injection Vulnerability in Exam Form Submission by PHP
CVE-2023-42359Exam Form Submiss...Exam Form Submission I...9.8CRITICALStack Buffer Overflow in PHP Phar File Loading Could Lead to Memory Corruption or RCE
CVE-2023-3824PHP GroupPHP๐ฅ๐๐พ๐กEPSS 16%๐ฐ9.8CRITICALSecurity issue with external entity loading in XML without enabling it
CVE-2023-3823PHP GroupPHP๐พ๐ฐ7.5HIGHPHP-Login POST Parameter class.loginscript.php checkLogin sql injection
CVE-2016-15031PHP-login ProjectPHP-login7.3HIGHCross site scripting vulnerability in Javascript escaping in smarty/smarty
CVE-2023-28447Smarty-PHPSmarty๐พ๐ก7.1HIGH