CVSS: 6.4 | EPSS: 0% | CPEs: 1 | EXPL: 1 | CVE-2023-53928 – PHPFusion 9.10.30 Stored Cross-Site Scripting via File Manager Upload
https://notcve.org/view.php?id=CVE-2023-53928
17 Dec 2025 — PHPFusion 9.10.30 contains a stored cross-site scripting vulnerability in the file manager that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload SVG files with script tags that execute arbitrary JavaScript when viewed, potentially stealing user session information or performing client-side attacks. • https://www.exploit-db.com/exploits/51411 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 0 | CVE-2025-64356 – WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2025-64356
27 Oct 2025 — Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Insert PHP Code Snippet: from n/a through <= 1.4.3. The Insert PHP Code Snippet plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ... • https://vdp.patchstack.com/database/Wordpress/Plugin/insert-php-code-snippet/vulnerability/wordpress-insert-php-code-snippet-plugin-1-4-3-broken-access-control-vulnerability • CWE-862: Missing Authorization •
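The advisory above does not name the affected function, so the following is an added example of the general CWE-862 shape it describes, not the Insert PHP Code Snippet plugin's own code: a wp_ajax_* handler that every logged-in user can reach, first without and then with a capability check. The action name, option name, nonce action and capability are assumptions.

```php
<?php
// Added example, not plugin code. Illustrates a missing capability check on a
// WordPress AJAX action; names below are assumptions for illustration.

// VULNERABLE shape: wp_ajax_* hooks fire for every authenticated user, Subscriber
// included, so without a check any account can write the option.
function snippet_save_vulnerable(): void
{
    update_option('snippet_code', wp_unslash($_POST['code'] ?? ''));
    wp_send_json_success();
}

// FIXED: verify a nonce (stops CSRF) and require an administrative capability
// before touching anything. Both helpers stop execution on failure.
function snippet_save_fixed(): void
{
    check_ajax_referer('snippet_save', 'nonce');            // dies on bad/missing nonce
    if (!current_user_can('manage_options')) {
        wp_send_json_error('insufficient permissions', 403); // calls wp_die()
    }
    $code = wp_unslash($_POST['code'] ?? '');
    update_option('snippet_code', $code);
    wp_send_json_success();
}

// Only the fixed handler is registered; the vulnerable one is kept for comparison.
add_action('wp_ajax_snippet_save', 'snippet_save_fixed');
```

The capability check is the fix for the missing-authorization finding; the nonce check is the companion control, since an admin-only handler without one is still reachable through a forged request from the admin's browser.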
CVSS: 8.8 | EPSS: 51% | CPEs: 1 | EXPL: 3 | CVE-2012-10056 – PHP Volunteer Management System 1.0.2 Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2012-10056
13 Aug 2025 — PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its document upload functionality. Authenticated users can upload files to the mods/documents/uploads/ directory without any restriction on file type or extension. Because this directory is publicly accessible and lacks execution controls, attackers can upload a malicious PHP payload and execute it remotely. The application ships with default credentials, making exploitation trivial. Once authenticated, the attacker ca... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/php_volunteer_upload_exec.rb • CWE-434: Unrestricted Upload of File with Dangerous Type •
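Both upload findings above (the PHPFusion SVG stored XSS, CVE-2023-53928, and the unrestricted upload in PHP Volunteer Management System, CVE-2012-10056) come down to the same missing controls: no extension or content-type allowlist, no inspection of SVG content, and uploads stored where the web server will execute or render them. The block below is an added example of an upload handler that applies those controls; it is not code from either project. The upload directory, size limit, allowlist and the libmagic MIME strings are assumptions.

```php
<?php
// Added example, not PHPFusion or PHP Volunteer Management System code.
// Constants and paths are assumptions for illustration.
declare(strict_types=1);

const UPLOAD_DIR = '/var/app/uploads';   // assumption: outside the document root
const MAX_BYTES  = 5 * 1024 * 1024;

// Extension => MIME types libmagic may report for it. Deliberately omits
// php/phtml/phar/html. SVG is allowed only after the content scan below.
const ALLOWED = [
    'png'  => ['image/png'],
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'gif'  => ['image/gif'],
    'pdf'  => ['application/pdf'],
    'svg'  => ['image/svg+xml', 'image/svg'],   // libmagic output varies by version
];

// True when the SVG carries anything that can run or load script if the file is
// opened as a document: <script>, on* handlers, javascript: URLs, foreignObject,
// entity declarations, or embedded documents. Block-list style; a dedicated SVG
// sanitiser is the stronger option where one is available.
function svgHasActiveContent(string $svg): bool
{
    $patterns = [
        '/<\s*script\b/i',
        '/\bon[a-z]+\s*=/i',
        '/javascript\s*:/i',
        '/<\s*foreignObject\b/i',
        '/<!ENTITY\b/i',
        '/<\s*(iframe|embed|object)\b/i',
    ];
    foreach ($patterns as $p) {
        if (preg_match($p, $svg) === 1) {
            return true;
        }
    }
    return false;
}

// Validates one $_FILES entry and returns the stored path, or throws.
// Never trusts the client-supplied filename or $_FILES['type'].
function storeUpload(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('extension not allowed');
    }

    // Sniff the real type from the bytes, not from the request.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!in_array($mime, ALLOWED[$ext], true)) {
        throw new RuntimeException("content type $mime does not match .$ext");
    }
    if ($ext === 'svg') {
        $svg = file_get_contents($file['tmp_name']);
        if ($svg === false || svgHasActiveContent($svg)) {
            throw new RuntimeException('SVG contains active content');
        }
    }

    // Server-chosen random name: no traversal, no double extensions, no .php.
    $dest = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    return $dest;
}

// Serves a stored file through PHP rather than a direct URL, so the web server
// never executes it and the browser never renders it inline (which is what
// makes an SVG's script run).
function serveUpload(string $path): void
{
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    header("Content-Security-Policy: default-src 'none'; sandbox");
    readfile($path);
}
```

Storing outside the document root and serving with Content-Disposition: attachment is what removes the "publicly accessible and lacks execution controls" condition the CVE-2012-10056 entry describes; the content scan is the extra step SVG needs because it is both an image and a scriptable document.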
CVSS: 10.0 | EPSS: 68% | CPEs: 1 | EXPL: 3 | CVE-2013-10070 – PHP-Charts v1.0 PHP Code Execution
https://notcve.org/view.php?id=CVE-2013-10070
05 Aug 2025 — PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval() without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution under the web server's context. The vulnerability allows unauthenticated attackers to execute system-level commands via base64-encoded payloads embedded in parameter names, leading to full compromise of the host sys... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/php_charts_exec.rb • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
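The entry above describes the bug class (a GET parameter name reaching eval()) without showing it. The block below is an added example of that class and of a replacement that never generates code from the request; it is not PHP-Charts code and the option names are assumptions.

```php
<?php
// Added example, not PHP-Charts code. Option names are assumptions.
declare(strict_types=1);

// VULNERABLE: the array key comes from the query string and is spliced into
// PHP source. A key that closes the string literal and appends a statement
// (for instance one ending in  "]=0;phpinfo();//  ) runs as PHP.
function buildChartVulnerable(array $query): array
{
    $chart = [];
    foreach ($query as $key => $value) {
        eval('$chart["' . $key . '"] = ' . var_export($value, true) . ';');
    }
    return $chart;
}

// FIXED: known option names are taken from a fixed table, unknown keys are
// ignored, values are validated per option, and no code is evaluated.
const CHART_OPTIONS = [
    'title'  => 'string',
    'width'  => 'int',
    'height' => 'int',
    'type'   => ['bar', 'line', 'pie'],   // enumeration
];

function buildChartSafe(array $query): array
{
    $chart = [];
    foreach (CHART_OPTIONS as $name => $spec) {
        if (!array_key_exists($name, $query) || !is_string($query[$name])) {
            continue;
        }
        $raw = $query[$name];
        if (is_array($spec)) {
            if (in_array($raw, $spec, true)) {
                $chart[$name] = $raw;
            }
        } elseif ($spec === 'int') {
            $v = filter_var($raw, FILTER_VALIDATE_INT,
                ['options' => ['min_range' => 1, 'max_range' => 4096]]);
            if ($v !== false) {
                $chart[$name] = $v;
            }
        } else {
            $chart[$name] = mb_substr($raw, 0, 200);
        }
    }
    return $chart;
}

// Safe form in use: $_GET is only ever read, never evaluated.
$chart = buildChartSafe($_GET);
```

Iterating over the allowlist rather than over $_GET is the point: the attacker's keys are never even touched, so there is nothing to escape.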
CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 0 | CVE-2025-40724 – Stored Cross-Site Scripting (XSS) in Pharmacy POS PHP Script
https://notcve.org/view.php?id=CVE-2025-40724
16 Jul 2025 — Stored Cross-Site Scripting (XSS) vulnerability in Pharmacy POS PHP Script. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the u_medicine_name parameter in /edit_medicine.php. This vulnerability can be exploited to steal sensitive user data such as session cookies or to perform actions on behalf of the user. • https://www.incibe.es/en/incibe-cert/notices/aviso/stored-cross-site-scripting-xss-pharmacy-pos-php-script • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.7 | EPSS: 0% | CPEs: 4 | EXPL: 0 | CVE-2025-1220 – Null byte termination in hostnames
https://notcve.org/view.php?id=CVE-2025-1220
12 Jul 2025 — In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10, some functions like fsockopen() lack validation that the supplied hostname does not contain null characters. This may lead other functions like parse_url() to treat the hostname in a different way, opening the way to security problems if user code implements access checks with such functions before access. It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote... • https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r • CWE-918: Server-Side Request Forgery (SSRF) •
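The advisory's risk is the split between the function that checks (parse_url()) and the function that connects (fsockopen()). The block below is an added example, not php-src code, of that naive pattern next to a check that rejects control bytes up front and hands the socket call only the validated host, so it holds on unpatched releases too. The allowlist and the wrapper are assumptions.

```php
<?php
// Added example, not php-src or application code. ALLOWED_HOSTS is an assumption.
declare(strict_types=1);

const ALLOWED_HOSTS = ['api.example.com', 'metrics.example.com'];

// The pattern the advisory warns about: parse_url() decides, fsockopen() is
// later given the original string. A NUL in the host can make the two
// functions see different hostnames on affected versions.
function hostAllowedNaive(string $url): bool
{
    $host = parse_url($url, PHP_URL_HOST);
    return is_string($host) && in_array(strtolower($host), ALLOWED_HOSTS, true);
}

// Hardened: refuse any control byte (NUL included) anywhere in the URL, require
// a plain textual hostname, and return the exact string the socket call will use.
function validateOutboundHost(string $url): string
{
    if (preg_match('/[\x00-\x1f\x7f]/', $url) === 1) {
        throw new InvalidArgumentException('control character in URL');
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['host'], $parts['scheme'])) {
        throw new InvalidArgumentException('unparseable URL');
    }
    if (!in_array($parts['scheme'], ['http', 'https'], true)) {
        throw new InvalidArgumentException('scheme not allowed');
    }
    if (preg_match('/^[a-z0-9.-]+$/i', $parts['host']) !== 1) {
        throw new InvalidArgumentException('hostname has unexpected characters');
    }
    $host = strtolower($parts['host']);
    if (!in_array($host, ALLOWED_HOSTS, true)) {
        throw new InvalidArgumentException("host $host not in allowlist");
    }
    return $host;
}

// Connects using only the validated host, never the raw URL.
function connectTo(string $url, int $timeout = 5)
{
    $host = validateOutboundHost($url);
    $fp = fsockopen($host, 443, $errno, $errstr, $timeout);
    if ($fp === false) {
        throw new RuntimeException("connect failed: $errstr ($errno)");
    }
    return $fp;
}
```

Passing the validated value forward, rather than re-deriving it from the original URL at the point of use, is what closes the gap regardless of how either function handles odd bytes.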
CVSS: 5.9 | EPSS: 0% | CPEs: 4 | EXPL: 0 | CVE-2025-1735 – pgsql extension does not check for errors during escaping
https://notcve.org/view.php?id=CVE-2025-1735
12 Jul 2025 — In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.*, the pgsql and pdo_pgsql escaping functions do not check whether the underlying quoting functions returned errors. This could cause crashes if the Postgres server rejects the string as invalid. • https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-476: NULL Pointer Dereference •
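The escaping functions involved (pg_escape_literal(), PDO::quote()) are documented to return false on failure; application code that interpolates the result without checking it turns an escaping error into an empty or literal "false" inside the SQL. The block below is an added example, not php-src or any application's code, of checking that return value and of the parameterised form that leaves no client-side escaping to fail. Table, column and connection details are assumptions.

```php
<?php
// Added example, not php-src or application code. Schema and DSN are assumptions.
declare(strict_types=1);

// Escaping path, done correctly: stop if quoting fails instead of interpolating.
function lookupUserQuoted(PDO $pdo, string $name): ?array
{
    $quoted = $pdo->quote($name);       // string, or false when the driver cannot quote
    if ($quoted === false) {
        throw new RuntimeException('PDO::quote() failed; refusing to build query');
    }
    $row = $pdo->query("SELECT id, name FROM users WHERE name = $quoted")
               ->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Preferred: server-side parameters. Nothing is escaped in the client, so an
// escaping failure cannot occur and invalid input is rejected by the server.
function lookupUserParam(PDO $pdo, string $name): ?array
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Same two shapes with the procedural pgsql extension.
function lookupUserPg($conn, string $name): ?array
{
    $literal = pg_escape_literal($conn, $name);   // string, or false on failure
    if ($literal === false) {
        throw new RuntimeException('pg_escape_literal() failed: ' . pg_last_error($conn));
    }
    $res = pg_query($conn, "SELECT id, name FROM users WHERE name = $literal");
    if ($res === false) {
        throw new RuntimeException(pg_last_error($conn));
    }
    $row = pg_fetch_assoc($res);
    return $row === false ? null : $row;
}

function lookupUserPgParam($conn, string $name): ?array
{
    $res = pg_query_params($conn, 'SELECT id, name FROM users WHERE name = $1', [$name]);
    if ($res === false) {
        throw new RuntimeException(pg_last_error($conn));
    }
    $row = pg_fetch_assoc($res);
    return $row === false ? null : $row;
}

// Connection settings that make the parameterised path a real server-side
// prepare and turn driver errors into exceptions. DSN is an assumption.
function makeConnection(): PDO
{
    return new PDO('pgsql:host=127.0.0.1;dbname=app', 'app', 'secret', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}
```

Checking for false is the minimum on unpatched builds; moving to pg_query_params()/prepared statements removes the dependency on client-side escaping altogether, which is why the CWE-89 tag is attached to what reads like a crash bug.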
CVSS: 5.9 | EPSS: 0% | CPEs: 4 | EXPL: 0 | CVE-2025-6491 – NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
https://notcve.org/view.php?id=CVE-2025-6491
12 Jul 2025 — In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10, when parsing XML data in the SOAP extension, an overly large (>2Gb) XML namespace prefix may lead to a null pointer dereference. This may lead to crashes and affect the availability of the target server. It was discovered that PHP inc... • https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x • CWE-476: NULL Pointer Dereference •
CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 0 | CVE-2025-48883 – Chrome PHP is missing encoding in `CssSelector`
https://notcve.org/view.php?id=CVE-2025-48883
30 May 2025 — Chrome PHP allows users to start playing with chrome/chromium in headless mode from PHP. Prior to version 1.14.0, CSS Selector expressions are not properly encoded, which can lead to XSS (cross-site scripting) vulnerabilities. This is patched in v1.14.0. As a workaround, users can apply encoding manually to their selectors if they are unable to upgrade. • https://github.com/chrome-php/chrome/commit/34b2b8d1691f4e3940b1e1e95d388fffe81169c8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
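Two entries on this page are output-encoding failures in different contexts: the Pharmacy POS stored XSS (CVE-2025-40724), where a stored field is echoed into HTML, and the Chrome PHP issue above, where a CSS selector string is interpolated into JavaScript source that the headless browser evaluates. The block below is an added example covering both contexts; it is not code from either project and does not reproduce Chrome PHP's actual patch. Function names and the form markup are assumptions.

```php
<?php
// Added example, not Pharmacy POS or chrome-php code. Names are assumptions.
declare(strict_types=1);

// HTML element/attribute context: escape all five metacharacters, including
// both quote styles so the value is safe inside a quoted attribute.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// JavaScript string-literal context: emit a JSON string literal. The HEX flags
// also encode < > & ' " so the literal cannot terminate a surrounding
// <script> block if the JS is ever embedded in a page.
function jsString(string $s): string
{
    return json_encode(
        $s,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// VULNERABLE: stored value rendered into an attribute unencoded. A stored
// value containing  "  can close the attribute and start a new one or a tag.
function renderMedicineFormVulnerable(array $row): string
{
    return '<input name="u_medicine_name" value="' . $row['u_medicine_name'] . '">';
}

// FIXED.
function renderMedicineForm(array $row): string
{
    return '<input name="u_medicine_name" value="' . h($row['u_medicine_name']) . '">';
}

// VULNERABLE: the selector is pasted into JS source, so a selector containing
// a quote or backslash becomes code executed in the browser context.
function querySelectorJsVulnerable(string $selector): string
{
    return "document.querySelector('" . $selector . "')";
}

// FIXED: the selector is always a JS string value, never source text.
function querySelectorJs(string $selector): string
{
    return 'document.querySelector(' . jsString($selector) . ')';
}

// Both fixes applied to constructed hostile inputs:
echo renderMedicineForm(['u_medicine_name' => '"><script>alert(1)</script>']), "\n";
echo querySelectorJs("div'); alert(1); ('"), "\n";
```

The common rule is that the encoder must match the context the value lands in: htmlspecialchars() is wrong for a JS string and json_encode() is wrong for an HTML attribute, so a page that reaches a browser through two routes needs both.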
CVSS: 6.3 | EPSS: 0% | CPEs: 4 | EXPL: 0 | CVE-2025-1734 – Streams HTTP wrapper does not fail for headers with invalid name and no colon
https://notcve.org/view.php?id=CVE-2025-1734
28 Feb 2025 — In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers. A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon (:), which may confuse applications into processing them as valid headers. It w... • https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44 • CWE-20: Improper Input Validation •
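Code that consumes response headers from the stream wrapper (the $http_response_header array or stream_get_meta_data()) on an unpatched build can re-apply the missing check itself. The block below is an added example, not php-src code, of a strict parser over that array that rejects a line with no colon, an invalid field name, or a control byte in the value; the sample header arrays are constructed.

```php
<?php
// Added example, not php-src code. Sample inputs are constructed.
declare(strict_types=1);

// Returns [lowercased-name => value] for well-formed headers and throws on any
// line that is not "field-name: value" (RFC 9110 token syntax), the status line
// at index 0 excepted. Repeated names are joined with ", " as the RFC permits.
function parseResponseHeaders(array $lines): array
{
    if ($lines === [] || preg_match('#^HTTP/\d(\.\d)? \d{3}#', $lines[0]) !== 1) {
        throw new UnexpectedValueException('missing or malformed status line');
    }
    $headers = [];
    foreach (array_slice($lines, 1) as $line) {
        $pos = strpos($line, ':');
        if ($pos === false) {
            throw new UnexpectedValueException("header without colon: $line");
        }
        $name = substr($line, 0, $pos);
        // tchar set from RFC 9110; no whitespace is allowed before the colon.
        if (preg_match('/^[!#$%&\'*+\-.^_`|~0-9A-Za-z]+$/', $name) !== 1) {
            throw new UnexpectedValueException("invalid field name: $name");
        }
        $value = trim(substr($line, $pos + 1), " \t");
        if (preg_match('/[\x00-\x08\x0a-\x1f\x7f]/', $value) === 1) {
            throw new UnexpectedValueException("control byte in value of $name");
        }
        $key = strtolower($name);
        $headers[$key] = isset($headers[$key]) ? $headers[$key] . ', ' . $value : $value;
    }
    return $headers;
}

// Constructed samples in the shape $http_response_header has after file_get_contents().
$good = [
    'HTTP/1.1 200 OK',
    'Content-Type: application/json',
    'X-Request-Id: abc123',
];
$bad = [
    'HTTP/1.1 200 OK',
    'Content-Type: application/json',
    'Set-Cookie session=evil',   // no colon: an unpatched wrapper passes this through
];

print_r(parseResponseHeaders($good));
try {
    parseResponseHeaders($bad);
} catch (UnexpectedValueException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

Failing the whole response rather than skipping the bad line is deliberate: a header that one parser drops and another accepts is the kind of disagreement that request-smuggling and cache-poisoning chains are built on.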
