| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-13204 | kurniaramadhan E-Commerce-PHP blog-details.php sql injection | kurniaramadhan | E-Commerce-PHP | Medium | 5.5 | 2025-01-09 02:00:18 | Deep Dive |
| CVE-2024-13203 | kurniaramadhan E-Commerce-PHP cross-site request forgery | kurniaramadhan | E-Commerce-PHP | Medium | 4.3 | 2025-01-09 02:00:16 | Deep Dive |
| CVE-2024-12535 | Host PHP Info <= 1.0.4 - Missing Authorization to Unauthenticated Sensitive Information Disclosure | eflyjason | Host PHP Info | High | 8.6 | 2025-01-07 05:23:56 | Deep Dive |
| CVE-2024-53860 | Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler | Spencer14420 | SPEmailHandler-PHP | High | 8.6 | 2024-11-27 21:31:07 | Deep Dive |
| CVE-2024-11233 | Single byte overread with convert.quoted-printable-decode filter | PHP Group | PHP | Medium | 4.8 | 2024-11-24 01:08:29 | Deep Dive |
| CVE-2024-11234 | Configuring a proxy in a stream context might allow for CRLF injection in URIs | PHP Group | PHP | Medium | 4.8 | 2024-11-24 00:57:39 | Deep Dive |
| CVE-2024-11236 | Integer overflow in the firebird and dblib quoters causing OOB writes | PHP Group | PHP | Critical | 9.8 | 2024-11-24 00:44:55 | Deep Dive |
| CVE-2024-11330 | Custom CSS, JS & PHP <= 2.3.0 - Reflected Cross-Site Scripting | wpcodefactory | Custom CSS, JS & PHP | Medium | 6.1 | 2024-11-23 06:54:50 | Deep Dive |
| CVE-2024-8929 | Leak partial content of the heap through heap buffer over-read in mysqlnd | PHP Group | PHP | Medium | 5.8 | 2024-11-22 06:15:30 | Deep Dive |
| CVE-2024-8932 | OOB access in ldap_escape | PHP Group | PHP | Critical | 9.8 | 2024-11-22 06:03:30 | Deep Dive |
| CVE-2024-48963 | Snyk CLI 安全漏洞 | Snyk | Snyk Cli | High | 7.5 | 2024-10-23 18:24:48 | Deep Dive |
| CVE-2024-9026 | PHP-FPM logs from children may be altered | PHP Group | PHP | Low | 3.3 | 2024-10-08 04:07:33 | Deep Dive |
| CVE-2024-8927 | cgi.force_redirect configuration is bypassable due to the environment variable collision | PHP Group | PHP | High | 7.5 | 2024-10-08 03:56:32 | Deep Dive |
| CVE-2024-8926 | PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass) | PHP Group | PHP | High | 8.1 | 2024-10-08 03:48:54 | Deep Dive |
| CVE-2024-8925 | Erroneous parsing of multipart form data | PHP Group | PHP | Low | 3.1 | 2024-10-08 03:35:03 | Deep Dive |
| CVE-2024-8564 | SourceCodester PHP CRUD update.php sql injection | SourceCodester | PHP CRUD | Medium | 6.3 | 2024-09-07 20:31:04 | Deep Dive |
| CVE-2024-8563 | SourceCodester PHP CRUD update.php cross site scripting | SourceCodester | PHP CRUD | Low | 3.5 | 2024-09-07 20:00:05 | Deep Dive |
| CVE-2024-8562 | SourceCodester PHP CRUD Add.php cross site scripting | SourceCodester | PHP CRUD | Low | 3.5 | 2024-09-07 19:00:05 | Deep Dive |
| CVE-2024-8561 | SourceCodester PHP CRUD Delete Person delete.php sql injection | SourceCodester | PHP CRUD | Medium | 6.3 | 2024-09-07 18:31:04 | Deep Dive |
| CVE-2024-7420 | Insert PHP Code Snippet <= 1.3.6 - Cross-Site Request Forgery to Code Snippet Activate/Deactivate/Deletion | f1logic | Insert PHP Code Snippet | Medium | 5.8 | 2024-08-15 02:30:36 | Deep Dive |