| CVE-2025-1220 |
|
Cross-Site Request Forgery |
php: PHP Hostname Null Character Vulnerability |
2025-07-13 |
|
|
| CVE-2025-1735 |
|
Cross-Site Request Forgery |
php: pgsql extension does not check for errors during escaping |
2025-07-05 |
|
|
| CVE-2025-6491 |
|
Cross-Site Request Forgery |
php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix |
2025-07-05 |
|
|
| CVE-2024-11235 |
|
Cross-Site Request Forgery |
Reference counting in `php_request_shutdown` causes Use-After-Free. |
2025-03-14 |
8.3.0-8.3.18
|
ZendPHP 8.3
ZendPHP 8.4
ZendPHP 8.39141469
ZendPHP 8.39627557
|
| CVE-2025-1217 |
|
Cross-Site Request Forgery |
Header parser of `http` stream wrapper does not handle folded headers |
2025-03-14 |
7.2.0-7.2.34
|
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 7.29073829
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendPHP 8.3
ZendPHP 8.4
ZendServer 2021.4.2
|
| CVE-2025-1219 |
|
Cross-Site Request Forgery |
libxml streams use wrong content-type header when requesting a redirected resource. |
2025-03-14 |
7.2.0-7.2.34
|
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 7.29145962
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendPHP 8.3
ZendPHP 8.4
ZendServer 2021.4.2
|
| CVE-2025-1734 |
|
Cross-Site Request Forgery |
Streams HTTP wrapper does not fail for headers without colon |
2025-03-14 |
7.2.0-7.2.34
|
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 7.29978486
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendPHP 8.3
ZendPHP 8.4
ZendServer 2021.4.2
|
| CVE-2025-1736 |
|
Cross-Site Request Forgery |
Stream HTTP wrapper header check might omit basic auth header |
2025-03-14 |
7.2.0-7.2.34
|
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 7.29685875
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendPHP 8.3
ZendPHP 8.4
ZendServer 2021.4.2
|
| CVE-2025-1861 |
|
Cross-Site Request Forgery |
Stream HTTP wrapper truncate redirect location to 1024 bytes |
2025-03-14 |
7.2.0-7.2.34
|
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendPHP 8.3
ZendPHP 8.4
ZendServer 2021.4.2
|
| CVE-2024-11233 |
|
Cross-Site Request Forgery |
"+response.write(9280695*9351989)+" |
2024-11-23 |
7.2.0-7.2.34
|
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 7.29108429
ZendPHP 7.29357358
ZendPHP 7.29819071
ZendPHP 7.29868234
ZendPHP 7.29914703
ZendPHP 7.29921362
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendPHP 8.3
ZendServer 2021.4.1
|
