php
Insecure object reference - Data - PHP
Need Secure access control for data objects Context Usage of PHP 7.0 for server-side scripting and web development Usage of Laravel framework for PHP web development Description Non compliant code public function show($id) { $store = ...
Insecure object reference - Files - PHP
Need Secure access control for files Context Usage of PHP for server-side scripting and web development Usage of the File module for file manipulation and operations Description Non compliant code public function show($id) { $file = File::find($id); ...
Security controls bypass or absence - Data creation - PHP
Need Enforcement of proper security controls for data creation Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Auth for user authentication and authorization Usage of Policy ...
Insecure functionality - Session management - PHP
Need Secure session management Context Usage of PHP 7.0+ for server-side scripting and web development Usage of Laravel framework for PHP web development Usage of Illuminate/Support for providing foundational support classes and utilities in Laravel ...
Authentication mechanism absence or evasion - Redirect - PHP
Need Implementation of a robust and secure authentication mechanism Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user-related functionality ...
SQL injection - Code - PHP
Need Implementation of proper input validation and the use of parameterized statements or stored procedures to prevent SQL injection attacks. Context Usage of PHP for server-side scripting and web development Usage of a database for storing and ...
Insecure session management - Change Password - PHP
Need Secure session management after password change Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests in Node.js Usage of Auth for user authentication and authorization Usage of Hash for ...
Business information leak - Financial Information - PHP
Need Protection of sensitive financial information Context Requirement of PHP 7.0 or higher for running the application Usage of Laravel framework for PHP web development Usage of Illuminate/Database for database management and query building ...
Technical information leak - IPs - PHP
Need Protection of internal IP addresses from being exposed Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of Illuminate\Support\Facades\View ...
Technical information leak - Logs - PHP
Need Protection of sensitive technical information from unauthorized access Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of ...
Insecure object reference - Financial information - PHP
Need Secure access to financial information Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of Crypt facade from Illuminate\Support\Facades for ...
Insecure object reference - Personal information - PHP
Need Secure access control and authorization mechanisms Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user data and authentication ...
Non-encrypted confidential information - Base 64 - PHP
Need Secure storage and transmission of confidential information Context Usage of PHP for server-side scripting and web development Usage of base64 for encoding and decoding data in base64 format Description Non compliant code In the above PHP code, ...
Automatic information enumeration - Personal Information - PHP
Need Protection of user privacy and prevention of unauthorized access to personal information Context Requirement of PHP 7.0 or higher for running the application Usage of the User dependency for user-related operations or functionality Description ...
Insecure encryption algorithm - ECB - PHP
Need Secure encryption algorithm implementation Context Usage of PHP 7.0+ for server-side scripting and web development Usage of illuminate/support for providing support and utility functions in the Illuminate framework Description Non compliant code ...
Session Fixation - PHP
Need Prevention of session hijacking Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Auth for User Authentication and Authorization Description Non compliant code public ...
Insecure exceptions - NullPointerException - PHP
Need Prevention of unexpected system behavior caused by NullPointerException Context Usage of PHP for server-side scripting and web development Usage of the User dependency for managing user data and authentication Description Non compliant code ...
Restricted fields manipulation - PHP
Need Prevention of unauthorized access and manipulation of restricted fields Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests in Node.js Usage of the Employee package for managing ...
Insecure functionality - Fingerprint - PHP
Need Secure user data updates and prevent unauthorized modifications Context Usage of PHP for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user-related functionality ...
Insecure functionality - Masking - PHP
Need Implementation of data masking techniques Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user-related functionality Description Non ...
Insecure functionality - Password management - PHP
Need Secure password management Context Requirement of PHP 7.0 or later for running the application Usage of Request for making HTTP requests Usage of the User dependency for user-related functionality Usage of Hash for secure password storage and ...
Insecure functionality - File Creation - PHP
Need Secure functionality - File Creation Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Auth for implementing authentication and authorization in an application Usage of ...
Insecure encryption algorithm - TripleDES - PHP
Need Secure encryption algorithm for data protection Context Usage of PHP 7.1 for server-side scripting and web development Usage of OpenSSL for cryptographic functions and secure communication Description Non compliant code This PHP script uses the ...
Insecure encryption algorithm - SHA1 - PHP
Need Upgrade to a secure encryption algorithm Context Usage of PHP for server-side scripting and web development Description Non compliant code The above code is a simple PHP script that uses ...
Insecure encryption algorithm - DSA - PHP
Need Implementation of a secure encryption algorithm Context Requirement of PHP 7.0 or higher for running the application Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of phpseclib\Crypt\RSA for RSA encryption and ...
Automatic information enumeration - Credit Cards - PHP
Need Enhancement of credit card validation and security measures Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of the CreditCard model in the ...
Non-encrypted confidential information - LDAP - PHP
Need Secure storage and transmission of LDAP service credentials Context Requirement of PHP 5.6 or later for running the application Usage of php-ldap for LDAP (Lightweight Directory Access Protocol) integration in PHP applications Description Non ...
Authentication mechanism absence or evasion - Admin Console - PHP
Need Implementation of a robust and secure authentication mechanism for the Admin Console Context Usage of PHP 7.0 for server-side scripting and web development Usage of Laravel framework for PHP web development Usage of Illuminate/Support for ...
Authentication mechanism absence or evasion - OTP - PHP
Need Implementation of a secure and validated One-Time Password (OTP) authentication mechanism Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Validator for input validation ...
Technical information leak - Print Functions - PHP
Need Prevention of sensitive information exposure through print functions Context Usage of PHP for server-side scripting and web development Usage of Exception for handling errors and exceptional situations Description Non compliant code ...
Technical information leak - Headers - PHP
Need Protection of sensitive technical information in server response headers Context Usage of PHP 7.0.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of ...
Message flooding - PHP
Need Mitigation of message flooding attacks Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests in Node.js Usage of Mail for sending emails Usage of MessageMail for sending emails and ...
Business information leak - Users - PHP
Need Protection of business information and user data confidentiality Context Usage of PHP for server-side web development Usage of a database for storing and retrieving data Description Non compliant code public function getUsers() { $users = ...
Business information leak - Credit Cards - PHP
Need Protection of sensitive business information and customer credit card data Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of CreditCard for handling credit card information ...
Asymmetric denial of service - ReDoS - PHP
Need Mitigation of regular expression denial of service (ReDoS) vulnerabilities Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of ...
Unauthorized access to files - PHP
Need Prevention of unauthorized access to files and functionalities Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests in Node.js Usage of the User dependency for managing user-related ...
Lack of data validation - Emails - PHP
Need Implementation of email validation to prevent registration with disposable mailboxes Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User module for managing ...
Lack of data validation - Out of range - PHP
Need Enforce proper data validation to prevent unauthorized access and bypassing of restrictions Context Usage of PHP 7.2 for server-side scripting and web development Usage of Laravel Framework for PHP web application development Usage of laravel/ui ...
Lack of data validation - Numbers - PHP
Need Implementation of proper data validation for numbers Context Usage of PHP for server-side scripting and web development Usage of Request for making HTTP requests Description Non compliant code public function store(Request $request) { ...
Lack of data validation - Dates - PHP
Need Implementation of robust data validation for date fields Context Usage of PHP for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user-related functionality ...