PHP Exposure

Programming languages

Exposure score: 829
Sites using it: 4,550,434
Under exploitation: 2
Critical: 43

Vexday Analysis

With 1,079 catalogued CVEs, 74 of which appeared in the last 90 days alone, PHP presents a volume of vulnerabilities that demands continuous monitoring. The active exploitation rate (2 entries in the KEV catalog, equivalent to 0.19% of the total) is below the catalog's overall average (0.45%), which does not eliminate the risk but indicates that the conversion of vulnerabilities into confirmed exploitation has been relatively contained. CVE-2024-4577 deserves special attention: it is currently the most dangerous flaw under active exploitation, with an EPSS of 0.9999, a value that signals a very high probability of exploitation, and it reinforces the need to apply fixes immediately in exposed environments. The most recurrent flaw type, CWE-89 (SQL injection), combined with 43 critical vulnerabilities in the history, indicates that reviewing secure coding practices and updating versions remain priority controls for anyone operating PHP-based applications.

CVEs

1079 results

CVE-2026-6162 [MEDIUM] PHPGurukul Company Visitor Management System bwdates-reports-details.php cross site scripting (EPSS 0.2%)
CVE-2026-7568 [MEDIUM] Signed integer overflow in metaphone() (EPSS 0.2%)
CVE-2026-33347 [MEDIUM] league/commonmark has an embed extension allowed_domains bypass (EPSS 0.2%)
CVE-2025-7941 [MEDIUM] PHPGurukul Time Table Generator System profile.php cross site scripting (EPSS 0.2%)
CVE-2024-8471 [MEDIUM] SQL injection vulnerability in Job Portal (EPSS 0.2%)
CVE-2025-5782 [MEDIUM] PHPGurukul Employee Record Management System resetpassword.php sql injection (EPSS 0.2%)
CVE-2025-6288 [MEDIUM] PHPGurukul Bus Pass Management System Profile Page admin-profile.php cross site scripting (EPSS 0.2%)
CVE-2025-12303 [MEDIUM] PHPGurukul Curfew e-Pass Management System admin-profile.php cross site scripting (EPSS 0.2%)
CVE-2026-0730 [MEDIUM] PHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scripting (EPSS 0.2%)
CVE-2025-7819 [MEDIUM] PHPGurukul Apartment Visitors Management System HTTP POST Request create-pass.php cross site scripting (EPSS 0.2%)
CVE-2025-12311 [MEDIUM] PHPGurukul Curfew e-Pass Management System edit-category-detail.php cross site scripting (EPSS 0.2%)
CVE-2025-6125 [MEDIUM] PHPGurukul Rail Pass Management System aboutus.php cross site scripting (EPSS 0.2%)
CVE-2025-12312 [MEDIUM] PHPGurukul Curfew e-Pass Management System view-pass-detail.php cross site scripting (EPSS 0.2%)
CVE-2025-7815 [MEDIUM] PHPGurukul Apartment Visitors Management System HTTP POST Request manage-newvisitors.php cross site scripting (EPSS 0.2%)
CVE-2025-6287 [MEDIUM] PHPGurukul COVID19 Testing Management System Take Action test-details.php cross site scripting (EPSS 0.2%)
CVE-2025-7942 [MEDIUM] PHPGurukul Taxi Stand Management System admin-profile.php cross site scripting (EPSS 0.2%)
CVE-2025-6127 [MEDIUM] PHPGurukul Nipah Virus Testing Management System search-report.php cross site scripting (EPSS 0.2%)
CVE-2025-7858 [MEDIUM] PHPGurukul Apartment Visitors Management System HTTP POST Request admin-profile.php cross site scripting (EPSS 0.2%)
CVE-2025-7857 [MEDIUM] PHPGurukul Apartment Visitors Management System HTTP POST Request bwdates-passreports-details.php cross site scripting (EPSS 0.2%)
CVE-2025-7802 [MEDIUM] PHPGurukul Complaint Management System complaint-search.php cross site scripting (EPSS 0.2%)
