Weaknesses in Software Written in PHP
A view in the Common Weakness Enumeration published by The MITRE Corporation.
Objective
Views in the Common Weakness Enumeration (CWE) represent one perspective with which to consider a set of weaknesses.
This view (slice) covers issues that are found in PHP programs that are not common to all languages.
Weaknesses
The product performs a comparison between two entities, but the entities are of different, incompatible types that cannot be guaranteed to provide correct results when...
The product compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
In a language where the user can influence the name of a variable at runtime, if the variable names are not controlled, an attacker can read or write to arbitrary vari...
The product uses a regular expression that either (1) contains an executable component with user-controlled inputs, or (2) allows a user to enable execution by inserti...
The product initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.
The product performs an operation that triggers an external diagnostic or error message that is not directly generated or controlled by the product, such as an error g...
The product generates an error message that includes sensitive information about its environment, users, or associated data.
The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or...
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments...
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation...
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before inserting the input into an executable ...
The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax t...
The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but...
The PHP application uses an old method for processing uploaded files by referencing the four global variables that are set for each file (e.g. $varname, $varname_size,...
The product, by default, initializes an internal variable with an insecure or less secure value than is possible.
The product does not properly handle null bytes or NUL characters when passing data between different representations or components.
The product omits a break statement within a switch or similar construct, causing code associated with multiple conditions to execute. This can cause problems when the...
The product uses a regular expression that does not sufficiently restrict the set of allowed values.
A PHP application does not properly protect against the modification of variables from external sources, such as query parameters or cookies. This can expose the appli...
The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes ...
The code uses a function that has inconsistent implementations across operating systems and versions.
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
The product uses external input to determine the names of variables into which information is extracted, without verifying that the names of the specified variables ar...
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website is subject to the Terms of Use as specified by The MITRE Corporation.