Known Vulnerabilities for products from Php

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Php".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-32610 In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than ... 7.1 - HIGH 2021-07-30 2022-01-01
CVE-2021-29399 XMB is vulnerable to cross-site scripting (XSS) due to inadequate filtering of BBCode input. This bug affects all versions of... 6.1 - MEDIUM 2021-04-19 2021-04-22
CVE-2021-21708 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 9.8 - CRITICAL 2022-02-27 2022-10-07
CVE-2021-21707 In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_... 5.3 - MEDIUM 2021-11-29 2023-02-16
CVE-2021-21706 In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::... 6.5 - MEDIUM 2021-10-04 2021-11-03
CVE-2021-21705 In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via fil... 5.3 - MEDIUM 2021-10-04 2022-10-29
CVE-2021-21704 In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a mal... 5.9 - MEDIUM 2021-10-04 2022-10-25
CVE-2021-21703 In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with m... 7 - HIGH 2021-10-25 2022-10-29
CVE-2021-21702 In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP ... 7.5 - HIGH 2021-02-15 2021-12-10
CVE-2020-36193 Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic... 7.5 - HIGH 2021-01-18 2022-01-01
CVE-2020-28949 Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper atta... 7.8 - HIGH 2020-11-19 2022-01-06
CVE-2020-28948 Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. 7.8 - HIGH 2020-11-19 2022-03-30
CVE-2020-11579 An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation proce... 7.5 - HIGH 2020-09-03 2023-02-03
CVE-2020-7071 In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FI... 5.3 - MEDIUM 2021-02-15 2022-08-29
CVE-2020-7070 In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie va... 5.3 - MEDIUM 2020-10-02 2021-12-02
CVE-2020-7069 In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt... 6.5 - MEDIUM 2020-10-02 2021-12-02
CVE-2020-7068 In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extensio... 3.6 - LOW 2020-09-09 2022-07-01
CVE-2020-7067 In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommo... 7.5 - HIGH 2020-04-27 2022-05-16
CVE-2020-7066 In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied UR... 4.3 - MEDIUM 2020-04-01 2022-05-08
CVE-2020-7065 In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certai... 8.8 - HIGH 2020-04-01 2021-12-02

Known software with vulnerabilities from Php

Type Vendor Product Version
ApplicationPhpAnimated Smiley Generator-
ApplicationPhpAr Memberscript-
ApplicationPhpArchive Tar1.3.11
ApplicationPhpBlog Cms-
ApplicationPhpCom Extensions-
ApplicationPhpDirectory Listing Script-
ApplicationPhpF1 Maxs File Uploader-
ApplicationPhpMysql Banner Exchange-
ApplicationPhpMysql Extension-
ApplicationPhpPear Archive Tar0.3
Trademarks for Php obtained from
Mark Image Details
4837153 85868681
3218182 79014504

Popular searches for "Php"

PHP: Hypertext Preprocessor

P: Hypertext Preprocessor This is a bug fix release. For source downloads of PHP ` ^ \ 8.0.3 please visit our downloads page, Windows source and binaries can be found on windows. For source downloads of PHP 7.4.16. PHP Software release life cycle Download Source code Microsoft Windows Patch (computing) Window (computing) Diff Binary file User (computing) Preprocessor Hypertext Upgrade Scripting language Web development Computer file Executable Digital distribution General-purpose programming language SpringBoard

Home | PHP Ace

Home | PHP Ace PHP , Ace - the place for top ideas on using PHP B @ > to build web applications, including the Aliro web framework.

PHP Web application Web framework Subroutine Library (computing) Computer program Object-oriented programming Cascading Style Sheets Measuring programming language popularity Blog Usability Array data structure Object model Internet Explorer 5 WordPress WYSIWYG Robustness (computer science) Algorithmic efficiency Software build Computing platform