| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2355 | keerti1924 Secret-Coder-PHP-Project secret_coder.sql inclusion of sensitive information in source code | keerti1924 | Secret-Coder-PHP-Project | Low | 3.7 | 2024-03-10 11:31:04 | Deep Dive |
| CVE-2024-2266 | keerti1924 Secret-Coder-PHP-Project Login Page login.php cross site scripting | keerti1924 | Secret-Coder-PHP-Project | Low | 3.5 | 2024-03-07 21:31:06 | Deep Dive |
| CVE-2024-2265 | keerti1924 PHP-MYSQL-User-Login-System login.sql inclusion of sensitive information in source code | keerti1924 | PHP-MYSQL-User-Login-System | Medium | 5.3 | 2024-03-07 21:31:05 | Deep Dive |
| CVE-2024-2264 | keerti1924 PHP-MYSQL-User-Login-System login.php sql injection | keerti1924 | PHP-MYSQL-User-Login-System | High | 7.3 | 2024-03-07 21:00:07 | Deep Dive |
| CVE-2024-1702 | keerti1924 PHP-MYSQL-User-Login-System edit.php sql injection | keerti1924 | PHP-MYSQL-User-Login-System | Medium | 6.3 | 2024-02-21 16:31:05 | Deep Dive |
| CVE-2024-25117 | php-svg-lib lacks path validation on font through SVG inline styles | dompdf | php-svg-lib | Medium | 6.8 | 2024-02-21 16:25:18 | Deep Dive |
| CVE-2024-1701 | keerti1924 PHP-MYSQL-User-Login-System edit.php access control | keerti1924 | PHP-MYSQL-User-Login-System | Medium | 5.3 | 2024-02-21 15:31:06 | Deep Dive |
| CVE-2024-1700 | keerti1924 PHP-MYSQL-User-Login-System signup.php cross site scripting | keerti1924 | PHP-MYSQL-User-Login-System | Medium | 4.3 | 2024-02-21 15:31:05 | Deep Dive |
| CVE-2024-0658 | Insert PHP Code Snippet <= 1.3.4 - Authenticated (Admin+) Stored Cross-Site Scripting | f1logic | Insert PHP Code Snippet | Medium | 4.4 | 2024-02-20 18:56:45 | Deep Dive |
| CVE-2023-6551 | Stored XSS in class.upload.php | class.upload.php | class.upload.php | - | - | 2024-01-04 16:04:35 | Deep Dive |
| CVE-2023-51651 | Potential URI resolution path traversal in the AWS SDK for PHP | aws | aws-sdk-php | Medium | 6.0 | 2023-12-22 21:03:01 | Deep Dive |
| CVE-2023-50252 | php-svg-lib unsafe attributes merge when parsing `use` tag | dompdf | php-svg-lib | High | 8.3 | 2023-12-12 20:39:18 | Deep Dive |
| CVE-2023-50251 | php-svg-lib possible DoS caused by infinite recursion when parsing SVG document | dompdf | php-svg-lib | Medium | 5.3 | 2023-12-12 20:37:23 | Deep Dive |
| CVE-2023-49283 | Test code in published microsoft-graph-core package exposes phpinfo() | microsoftgraph | msgraph-sdk-php-core | Medium | 5.4 | 2023-12-05 22:44:40 | Deep Dive |
| CVE-2023-49282 | Test code in published microsoft-graph package exposes phpinfo() | microsoftgraph | msgraph-sdk-php | Medium | 5.4 | 2023-12-05 22:40:44 | Deep Dive |
| CVE-2017-20187 | Magnesium-PHP Base.php formatEmailString injection | - | Magnesium-PHP | Low | 3.5 | 2023-11-05 20:31:03 | Deep Dive |
| CVE-2022-4900 | Potential buffer overflow in php_cli_server_startup_workers | - | php | Medium | 6.2 | 2023-11-02 15:01:29 | Deep Dive |
| CVE-2023-5199 | PHP to Page <= 0.3 - Authenticated (Subscriber+) Local File Inclusion to Remote Code Execution via Shortcode | bloafer | PHP to Page | Critical | 9.9 | 2023-10-30 13:48:59 | Deep Dive |
| CVE-2021-4418 | Custom CSS, JS & PHP <= 2.0.7 - Cross-Site Request Forgery Bypass | flippercode | Custom css-js-php | Medium | 4.3 | 2023-10-20 07:29:33 | Deep Dive |
| CVE-2023-4994 | Allow PHP in Posts and Pages <= 3.0.4 - Authenticated (Subscriber+) Remote Code Execution via Shortcode | hit-reach | Allow PHP in Posts and Pages | Critical | 9.9 | 2023-09-16 01:52:18 | Deep Dive |