CVE-2025-23949

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dzeriho Improved Sale Badges – Free Version improved-sale-badges-free-version allows PHP Local File Inclusion.This issue affects Improved Sale Badges – Free Version: from n/a...

PT-2025-51882

Name of the Vulnerable Software and Affected Versions AWS SDK for PHP versions prior to 3.368.0 Description A missing cryptographic key commitment in the AWS SDK for PHP could allow a user with write access to an S3 bucket to introduce a new Encryption Data Key EDK that decrypts to different...

EUVD-2002-0246

Malware in sbrugna...

PT-2025-26294 · Unknown · Phpgurukul Pre-School Enrollment System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Pre-School Enrollment System version 1.0 Description: A critical issue was found in the PHPGurukul Pre-School Enrollment System, affecting an unknown part of the file /enrollment.php. The manipulation of the fathername argument lea...

BIT-PHP-2025-1736 Stream HTTP wrapper header check might omit basic auth header

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

PT-2025-16208 · Unknown · Scriptandtools Ecommerce-Website-In-Php

Name of the Vulnerable Software and Affected Versions: ScriptAndTools eCommerce-website-in-PHP version 3.0 Description: A problematic issue has been identified in the software. The issue involves improper restriction of excessive authentication attempts, potentially allowing remote attacks. The...

DLA-3986-1 php7.4 - security update

Bulletin has no description...

CVE-2024-11233 vulnerabilities

Vulnerabilities for packages: php...

CVE-2024-11236 vulnerabilities

Vulnerabilities for packages: php...

CVE-2024-11234 vulnerabilities

Vulnerabilities for packages: php...

CVE-2024-8927 vulnerabilities

Vulnerabilities for packages: php...

RHSA-2015:1218 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2013:1814 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2016:0457 Red Hat Security Advisory: rh-php56-php security update

Bulletin has no description...

RHSA-2012:0568 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2007:0154 Red Hat Security Advisory: php security update

Bulletin has no description...

RHSA-2007:0081 Red Hat Security Advisory: php security update

Bulletin has no description...

CVE-2024-2408 vulnerabilities

Vulnerabilities for packages: php...

Cups Easy cross-site scripting vulnerability (CNVD-2024-13796)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the locationid parameter of...

Cups Easy cross-site scripting vulnerability (CNVD-2024-12234)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the issuanceno parameter on the /cupseasylive/stockissuanceprint.php page. An attacker...