slug: php

Explanation

PHPはサーバーサイドで動くプログラミング言語で、Webサイトの裏側を作るのに広く使われています。 WordPress、Laravel、Drupalなど、世界中の多くのサイトの土台になっています。 セキュリティ脆弱性の文脈では「インジェクション系」(攻撃文字列を実行させる) や「ファイルアップロードの不備」が典型的な弱点として知られています。
📌 Example
2017年のEquifax事件 (1.4億人の個人情報流出) は、Apache StrutsというJavaライブラリの脆弱性が原因でしたが、同様にPHPアプリケーションでも脆弱性が悪用された事例は多数あります。

🔖 Related tags

🛡 Vulnerabilities tagged with this 2,566

ID Title
CVE-2026-10608 Vulnerability in sqli (CVE-2026-10608)
CVE-2026-10607 Vulnerability in sqli (CVE-2026-10607)
CVE-2026-10606 Vulnerability in sqli (CVE-2026-10606)
CVE-2026-40571 Vulnerability in CVE-2026-40571 (CVE-2026-40571)
CVE-2026-40314 Vulnerability in CVE-2026-40314 (CVE-2026-40314)
CVE-2026-35443 Vulnerability in CVE-2026-35443 (CVE-2026-35443)
CVE-2026-35447 Vulnerability in CVE-2026-35447 (CVE-2026-35447)
CVE-2026-33398 Vulnerability in CVE-2026-33398 (CVE-2026-33398)
CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CVE-2026-7313 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CVE-2026-39555 Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...
CVE-2026-39552 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-39553 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-32250 Cross-Site Scripting (XSS) in CVE-2026-32250 (CVE-2026-32250)
CVE-2025-69369 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2025-68886 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2025-58707 Vulnerability in CVE-2025-58707 (CVE-2025-58707)
CVE-2025-58897 Vulnerability in CVE-2025-58897 (CVE-2025-58897)
CVE-2025-58705 Vulnerability in CVE-2025-58705 (CVE-2025-58705)
CVE-2025-58024 Vulnerability in CVE-2025-58024 (CVE-2025-58024)
CVE-2025-53440 Vulnerability in CVE-2025-53440 (CVE-2025-53440)
CVE-2026-10581 SSRF (Server-Side Request Forgery) in CVE-2026-10581 (CVE-2026-10581)
CVE-2026-10568 Vulnerability in sqli (CVE-2026-10568)
CVE-2026-10100 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10100)
CVE-2026-10559 Vulnerability in CVE-2026-10559 (CVE-2026-10559)
CVE-2026-10558 Vulnerability in CVE-2026-10558 (CVE-2026-10558)
CVE-2026-10296 Vulnerability in sqli (CVE-2026-10296)
CVE-2026-10299 Vulnerability in CVE-2026-10299 (CVE-2026-10299)
CVE-2026-10301 Cross-Site Scripting (XSS) in CVE-2026-10301 (CVE-2026-10301)
CVE-2026-10302 Vulnerability in sqli (CVE-2026-10302)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →