| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-41011 | HTML injection in PHP Point Of Sale | PHP Point Of Sale | PHP Point Of Sale | - | - | 2026-04-21 15:15:32 | Deep Dive |
| CVE-2026-40476 | graphql-php: Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation | webonyx | graphql-php | - | - | 2026-04-17 21:43:00 | Deep Dive |
| CVE-2026-6409 | Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input | Protocol Buffers | Protobuf-php (Pecl) | - | - | 2026-04-16 14:30:52 | Deep Dive |
| CVE-2026-34236 | Auth0 PHP SDK Insufficient Entropy in Cookie Encryption | auth0 | auth0-PHP | High | 8.2 | 2026-04-01 17:04:53 | Deep Dive |
| CVE-2019-25541 | Netartmedia PHP Mall 4.1 Multiple SQL Injection | Netartmedia | Netartmedia PHP Mall | High | 8.2 | 2026-03-12 15:37:12 | Deep Dive |
| CVE-2019-25540 | Netartmedia PHP Mall 4.1 Multiple SQL Injection | Netartmedia | Netartmedia PHP Mall | High | 8.2 | 2026-03-12 15:37:11 | Deep Dive |
| CVE-2019-25535 | Netartmedia PHP Dating Site SQL Injection via loginaction.php | Netartmedia | Netartmedia Php Dating Site | High | 8.2 | 2026-03-12 15:37:07 | Deep Dive |
| CVE-2019-25536 | Netartmedia PHP Real Estate Agency 4.0 SQL Injection via features parameter | Netartmedia | Netartmedia PHP Real Estate Agency | High | 8.2 | 2026-03-12 15:37:07 | Deep Dive |
| CVE-2019-25534 | Netartmedia PHP Car Dealer SQL Injection via features parameter | Netartmedia | Netartmedia PHP Car Dealer | High | 8.2 | 2026-03-12 15:37:06 | Deep Dive |
| CVE-2019-25533 | Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php | Phpbusinessdirectory | Netartmedia PHP Business Directory | High | 8.2 | 2026-03-12 15:37:04 | Deep Dive |
| CVE-2026-3352 | Easy PHP Settings <= 1.0.4 - Authenticated (Administrator+) PHP Code Injection via 'wp_memory_limit' Setting | shahadul878 | Easy PHP Settings | High | 7.2 | 2026-03-07 01:21:25 | Deep Dive |
| CVE-2026-24895 | FrankenPHP affected by Path Confusion via Unicode casing in CGI path splitting allows execution of arbitrary files | php | frankenphp | - | - | 2026-02-12 19:16:07 | Deep Dive |
| CVE-2026-24894 | FrankenPHP leaks session data between requests in worker mode | php | frankenphp | - | - | 2026-02-12 19:12:04 | Deep Dive |
| CVE-2026-2058 | mathurvishal CloudClassroom-PHP-Project Post Query Details postquerypublic.php sql injection | mathurvishal | CloudClassroom-PHP-Project | High | 7.3 | 2026-02-06 16:32:08 | Deep Dive |
| CVE-2020-37152 | PHP-Fusion 9.03.50 panels.php - Cross-Site Scripting (XSS) | PHP-Fusion | PHP-Fusion | - | - | 2026-02-05 16:13:43 | Deep Dive |
| CVE-2020-37137 | PHP-Fusion 9.03.50 - 'panels.php' Eval Injection | PHP Fusion | PHP Fusion | Medium | 6.1 | 2026-02-05 16:13:38 | Deep Dive |
| CVE-2020-37083 | addressbook 9.0.0.1 - 'id' SQL Injection | chatelao | PHP Address Book | High | 8.2 | 2026-02-03 22:01:47 | Deep Dive |
| CVE-2022-50940 | Knap Advanced PHP Login 3.1.3 Persistent Cross-Site Scripting via Name Parameter | ajay138 | Knap Advanced PHP Login | Medium | 6.4 | 2026-02-01 12:15:52 | Deep Dive |
| CVE-2021-47914 | PHP Melody 3.0 Persistent XSS Vulnerability via Edit Video Parameter | PHPSUGAR | PHP Melody | Medium | 6.4 | 2026-02-01 12:15:49 | Deep Dive |
| CVE-2021-47915 | PHP Melody 3.0 SQL Injection Vulnerability via Edit Video Parameter | PHPSUGAR | PHP Melody | High | 8.1 | 2026-02-01 12:15:49 | Deep Dive |