EUVD-2021-1131

Malware in sbrugna...

MAL-2025-29188 Malicious code in phpjs-shim (npm)

The package phpjs-shim was found to contain malicious code...

Malicious code in phpjs-shim (npm)

The package phpjs-shim was found to contain malicious code...

GHSA-M428-JQC4-2P5J Prototype Pollution in phpjs

All versions of phpjs up to and including 1.3.2 are vulnerable to Prototype Pollution via parsestr. phpjs is no longer maintained and users are advised to use Locutus as a replacement https://github.com/locutusjs/locutus...

Prototype Pollution in phpjs

All versions of phpjs up to and including 1.3.2 are vulnerable to Prototype Pollution via parsestr. phpjs is no longer maintained and users are advised to use Locutus as a replacement https://github.com/locutusjs/locutus...

@blueprintjs/docs (>=1.0.0 <=1.3.1), @frctl/twig (>=1.0.0-alpha.0 <=1.0.0-beta.2) +101 more potentially affected by CVE-2020-7700 via phpjs (>=0.0.1 <=1.3.2)

phpjs NPM version =0.0.1, =1.0.0, =1.0.0-alpha.0, =0.3.16, =1.2.7, =0.1.3, =1.0.1, =1.0.0, =0.7.0, =0.0.1, =0.0.9, =0.0.1-alpha.1, =0.0.1, =0.0.7 and more Source cves: CVE-2020-7700 Source advisory: OSV:GHSA-M428-JQC4-2P5J...

Prototype Pollution in kvz/locutus

Description phpjs is a community built PHP binding in JavaScript. This package is vulnerable to Prototype Pollution via parsestr. Proof of Concept const phpjs = require'phpjs'; phpjs.parsestr"protopolluted=true",; console.logpolluted;...

Prototype Pollution

phpjs is vulnerable to prototype pollution. An attacker is able to add and modify properties of Object.prototype using a proto payload...

CVE-2020-7700

All versions of phpjs are vulnerable to Prototype Pollution via parsestr...

Code injection

All versions of phpjs are vulnerable to Prototype Pollution via parsestr...

CVE-2020-7700

CVE-2020-7700 affects phpjs. All versions up to 1.3.2 are vulnerable to Prototype Pollution via parse_str, enabling an attacker to modify Object.prototype. Notable sources (GHSA, OSV, NVD) corroborate prototype pollution and advise no widely fixed version; remediation guidance commonly suggests r...

CVE-2020-7700 Prototype Pollution

All versions of phpjs are vulnerable to Prototype Pollution via parsestr...

@blueprintjs/docs (>=1.0.0 <=1.3.1), @frctl/twig (>=1.0.0-alpha.0 <=1.0.0-beta.2) +101 more potentially affected by CVE-2020-7700 via phpjs (>=0.0.1 <=1.3.2)

phpjs NPM version =0.0.1, =1.0.0, =1.0.0-alpha.0, =0.3.16, =1.2.7, =0.1.3, =1.0.1, =1.0.0, =0.7.0, =0.0.1, =0.0.9, =0.0.1-alpha.1, =0.0.1, =0.0.7 and more Source cves: CVE-2020-7700 Source advisory: SNYK:JS-PHPJS-598681...

Prototype Pollution

Overview phpjs is a community built php binding in javascript. Affected versions of this package are vulnerable to Prototype Pollution via parsestr. POC: require'phpjs'.parsestr"protopolluted=true",; console.logpolluted //true Remediation There is no fixed version for phpjs. Credit: Beomjin Lee...

PT-2020-19723 · Phpjs · Phpjs

Name of the Vulnerable Software and Affected Versions: phpjs versions prior to 1.3.2 and possibly later, as all versions are mentioned as vulnerable in one source, but another source specifies up to 1.3.2. Description: The issue concerns Prototype Pollution via the parse str function. This affect...