| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-21705 | Incorrect URL validation in FILTER_VALIDATE_URL | PHP Group | PHP | Medium | 4.3 | 2021-10-04 04:00:16 | Deep Dive |
| CVE-2021-21704 | Multiple vulnerabilities in Firebird client extension | PHP Group | PHP | Medium | 5.0 | 2021-10-04 04:00:14 | Deep Dive |
| CVE-2021-20725 | Php Factory Calendar01 跨站脚本漏洞 | PHP Factory | [Calendar01] free edition | 中危 | - | 2021-05-24 03:20:31 | Deep Dive |
| CVE-2021-20723 | PHP Factory MailForm01 跨站脚本漏洞 | PHP Factory | [MailForm01] free edition | 中危 | - | 2021-05-24 03:20:30 | Deep Dive |
| CVE-2021-20724 | PHP Factory Telop01 跨站脚本漏洞 | PHP Factory | [Telop01] free edition | 中危 | - | 2021-05-24 03:20:30 | Deep Dive |
| CVE-2021-21702 | Null Dereference in SoapClient | PHP Group | PHP | Medium | 5.3 | 2021-02-15 04:10:17 | Deep Dive |
| CVE-2020-7071 | FILTER_VALIDATE_URL accepts URLs with invalid userinfo | PHP Group | PHP | Medium | 5.3 | 2021-02-15 04:10:16 | Deep Dive |
| CVE-2020-7069 | Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV | PHP Group | PHP | Medium | 5.4 | 2020-10-02 14:14:45 | Deep Dive |
| CVE-2020-7070 | PHP parses encoded cookie names so malicious `__Host-` cookies can be sent | PHP Group | PHP | Medium | 4.3 | 2020-10-02 14:14:45 | Deep Dive |
| CVE-2020-7068 | Use of freed hash key in the phar_parse_zipfile function | PHP Group | PHP | Medium | 4.8 | 2020-09-09 17:58:43 | Deep Dive |
| CVE-2020-5616 | 多款PHP Factory产品授权问题漏洞 | PHP Factory | [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] | 超危 | - | 2020-08-04 01:05:50 | Deep Dive |
| CVE-2020-5615 | PHP Factory Calendar01和Calendar02 跨站请求伪造漏洞 | PHP Factory | [Calendar01] and [Calendar02] | 高危 | - | 2020-08-04 01:05:49 | Deep Dive |
| CVE-2020-8521 | SpryMedia DataTables SQL注入漏洞 | phpzag | phpzag live add edit delete data tables records with ajax php mysql | 超危 | - | 2020-07-07 19:20:21 | Deep Dive |
| CVE-2020-8519 | SpryMedia DataTables SQL注入漏洞 | phpzag | phpzag live add edit delete data tables records with ajax php mysql | 超危 | - | 2020-07-07 19:20:20 | Deep Dive |
| CVE-2020-8520 | SpryMedia DataTables SQL注入漏洞 | phpzag | phpzag live add edit delete data tables records with ajax php mysql | 超危 | - | 2020-07-07 19:20:20 | Deep Dive |
| CVE-2019-11048 | Temporary files are not cleaned after OOM when parsing HTTP request data | PHP Group | PHP | Medium | 5.3 | 2020-05-20 07:15:16 | Deep Dive |
| CVE-2020-7067 | OOB Read in urldecode() | PHP Group | PHP | High | 7.5 | 2020-04-27 20:38:40 | Deep Dive |
| CVE-2020-7065 | mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full | PHP Group | PHP | High | 7.4 | 2020-04-01 03:35:14 | Deep Dive |
| CVE-2020-7066 | get_headers() silently truncates after a null byte | PHP Group | PHP | Medium | 5.3 | 2020-04-01 03:35:14 | Deep Dive |
| CVE-2020-7064 | Use-of-uninitialized-value in exif | PHP Group | PHP | Medium | 6.5 | 2020-04-01 03:35:13 | Deep Dive |