Innovate faster and cut risk with PHP experts from Zend Services.
Explore Services
Beginning to advanced PHP classes to learn and earn global certification.
Help me choose >
Explore Training
Submit support requests and browse self-service resources.
Explore Support
Cross-Site Request Forgery
CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo
2021-01-03
Information Disclosure
CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function
2020-08-06
CVE-2020-7070 php: PHP parses encoded cookie names so malicious `__Host-` cookies can be sent
2020-06-14
out-of-bounds read when using a malformed url-encoded string
2020-04-10
information disclosure in exif_read_data() function
2020-04-01
Remote Code Execution
by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution
Remote File Inclusion
information disclosure in function get_headers
Denial of Service
NULL pointer dereference in PHP session upload progress
2020-02-04
heap-based buffer overflow in phar_extract_file
2020-01-26
Out of bounds read in php_strip_tags_ex
2020-01-23