slug: php

Explanation

PHPはサーバーサイドで動くプログラミング言語で、Webサイトの裏側を作るのに広く使われています。 WordPress、Laravel、Drupalなど、世界中の多くのサイトの土台になっています。 セキュリティ脆弱性の文脈では「インジェクション系」(攻撃文字列を実行させる) や「ファイルアップロードの不備」が典型的な弱点として知られています。
📌 Example
2017年のEquifax事件 (1.4億人の個人情報流出) は、Apache StrutsというJavaライブラリの脆弱性が原因でしたが、同様にPHPアプリケーションでも脆弱性が悪用された事例は多数あります。

🔖 Related tags

🛡 Vulnerabilities tagged with this 2,563

ID Title
CVE-2026-13530 Vulnerability in sqli (CVE-2026-13530)
CVE-2026-13527 Vulnerability in sqli (CVE-2026-13527)
CVE-2026-13526 Vulnerability in sqli (CVE-2026-13526)
CVE-2026-13525 Vulnerability in sqli (CVE-2026-13525)
CVE-2026-13520 Vulnerability in sqli (CVE-2026-13520)
CVE-2026-13521 A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
CVE-2026-13504 Cross-Site Scripting (XSS) in CVE-2026-13504 (CVE-2026-13504)
CVE-2026-13499 Cross-Site Scripting (XSS) in CVE-2026-13499 (CVE-2026-13499)
CVE-2026-13498 A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
CVE-2026-13497 Vulnerability in sqli (CVE-2026-13497)
CVE-2026-13496 Vulnerability in sqli (CVE-2026-13496)
CVE-2026-13495 Vulnerability in sqli (CVE-2026-13495)
CVE-2026-13487 Vulnerability in sqli (CVE-2026-13487)
CVE-2026-13490 Vulnerability in CVE-2026-13490 (CVE-2026-13490)
CVE-2026-13488 Vulnerability in sqli (CVE-2026-13488)
CVE-2026-13486 Vulnerability in sqli (CVE-2026-13486)
CVE-2026-13485 Vulnerability in sqli (CVE-2026-13485)
CVE-2026-58054 MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
CVE-2026-8095 Vulnerability in wordpress (CVE-2026-8095)
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
CVE-2026-56032 Subscriber PHP Object Injection in Buddyboss Platform <= 3.0.4 versions.
CVE-2026-56055 Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
CVE-2026-56031 Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
CVE-2026-56057 Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.
CVE-2026-57940 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57940)
CVE-2026-50739 Vulnerability in revive-adserver (CVE-2026-50739)
CVE-2026-50740 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50740)
CVE-2026-50742 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50742)
CVE-2026-50745 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50745)
CVE-2026-40084 Path Traversal in path-traversal (CVE-2026-40084)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →