Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Programming Language

PHP

PHP: Hypertext Preprocessor is a web-based server-side widely used general-purpose scripting and programming language embedded in HTML

Official Site:

http://www.php.net/

Severity Summary:

Critical: 155 High: 231 Medium: 293 Low: 28
Reference
Title
Severity
CVE-2019-9640
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2018-19935
PHP NULL Pointer Dereference Vulnerability
High
CVE-2019-6977
PHP Out-of-bounds Write Vulnerability
High
CVE-2018-20783
PHP Out-of-bounds Read Vulnerability
High
CVE-2019-9022
PHP Out-of-bounds Read Vulnerability
High
CVE-2019-9024
PHP Out-of-bounds Read Vulnerability
High
CVE-2019-9637
PHP Permissions Privileges and Access Controls Vulnerability
High
CVE-2019-9638
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2019-9639
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2019-9675
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2018-19518
PHP Improper Neutralization of Argument Delimiters in a Command (Argument Injection) Vulnerability
High
CVE-2017-7189
PHP Improper Input Validation Vulnerability
High
CVE-2019-11046
PHP Out-of-bounds Read Vulnerability
High
CVE-2020-7062
PHP NULL Pointer Dereference Vulnerability
High
CVE-2024-2757
PHP Vulnerability
High
CVE-2020-7065
PHP Out-of-bounds Write Vulnerability
High
CVE-2020-7067
PHP Out-of-bounds Read Vulnerability
High
CVE-2025-14177
PHP Out-of-bounds Read Vulnerability
High
CVE-2025-14180
PHP NULL Pointer Dereference Vulnerability
High
CVE-2018-19520
PHP Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2018-19396
PHP Deserialization of Untrusted Data Vulnerability
High
CVE-2016-10397
PHP Improper Input Validation Vulnerability
High
CVE-2016-10712
PHP Improper Input Validation Vulnerability
High
CVE-2017-11142
PHP Uncontrolled Resource Consumption Vulnerability
High
CVE-2017-11143
PHP Deserialization of Untrusted Data Vulnerability
High
CVE-2017-11144
PHP Improper Check for Unusual or Exceptional Conditions Vulnerability
High
CVE-2017-11145
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2017-11628
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2025-1735
PHP Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-12934
PHP Use After Free Vulnerability
High