CVE-2026-7258

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...

CVE-2025-53442

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rentic rentic allows PHP Local File Inclusion.This issue affects Rentic: from n/a through = 1.1...

CVE-2025-58889

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Towny towny allows PHP Local File Inclusion.This issue affects Towny: from n/a through = 1.16...

CVE-2025-53334

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through 7.5.1...

CVE-2024-25866

A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php component...

The vulnerability of the `php_html_entities` function in the PHP programming language allows attackers to trigger a service failure or potentially cause other adverse effects.

The vulnerability of the phphtmlentities function in the PHP programming language is caused by a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause service failures or potentially other adverse effects...

Vulnerabilities in PHP software allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The use of this component in ext/spl/spldllist.c after its release allows attackers to trigger service failures or exert other effects on the system, by using specially crafted iterators for applications in certain web hosting environments...

The vulnerability of the PHP interpreter allows attackers to execute arbitrary code.

The vulnerability of the SPL library implementation in ext/spl/splarray.c of the PHP interpreter lies in the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted data...

Hacking tricks of talking about network intrusion to improve the method-vulnerability warning-the black bar safety net

Now you want to invade a site directly with the data server, open some ports, with those overflowing way to engage in the web server Station, presumably unlikely, if now also can use 1 4 3 3 can easily handle a server, then you will be able to buy lottery tickets went to the Oh. Now the...