php
NoSQL injection - PHP
Need Prevention of NoSQL injection attacks Context Usage of PHP 7.0 for server-side scripting and web development Usage of the App\User module for user-related functionality Usage of Illuminate\Http\Request for handling HTTP requests in Laravel ...
Email uniqueness not properly verified - PHP
Need Enforce email uniqueness verification during registration process Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Validator for data validation and sanitization Usage of ...
External control of file name or path - PHP
Need Secure file handling and storage Context Usage of PHP 7 for server-side scripting and web development Usage of Request for making HTTP requests Description Non compliant code public function upload(Request $request) { ...
Insecure deserialization - PHP
Need Secure deserialization process Context Usage of PHP for server-side scripting and web development Description Non compliant code isAdmin){ echo 'Welcome, Admin!'; } ?> The above PHP code ...
Data uniqueness not properly verified - PHP
Need Enforcement of data uniqueness verification Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of the User module in the App namespace Description ...
Insecure encryption algorithm - Cipher Block Chaining - PHP
Need Implementation of secure encryption algorithms with strong cipher block chaining. Context Requirement of PHP 5.3.0 or later for running the application Usage of OpenSSL for secure communication and encryption Description Non compliant code The ...
Hidden fields manipulation - PHP
Need Protection against hidden fields manipulation Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for user-related functionality Description Non compliant ...
Insecure encryption algorithm - Anonymous cipher suites - PHP
Need Implementation of secure encryption algorithms and disallowing anonymous cipher suites Context Usage of PHP 7.1+ for server-side scripting and web development Usage of OpenSSL for secure communication and encryption Description Non compliant ...
Log injection - PHP
Need Prevention of log injection attacks Context Usage of PHP for server-side web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of Log for logging and debugging purposes Description Non compliant code ...
Lack of data validation - Trust boundary violation - PHP
Need Enforce strict data validation and trust boundaries Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for user-related functionality Usage of Hash for ...
Privacy violation - PHP
Need Protection of user privacy Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of the App\User module for user-related functionality Description ...
Business information leak - Customers or providers - PHP
Need Protection of sensitive business information from unauthorized access or leakage Context Usage of PHP 7.0+ for developing web applications Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of the Customer model in ...
Insecurely generated token - PHP
Need Secure token generation mechanism Context Usage of PHP for server-side scripting and web development Usage of md5 for generating MD5 hashes Description Non compliant code id . time()); return $token; } ?> The above code represents a function ...
Weak CAPTCHA - PHP
Need Enhancement of CAPTCHA security Context Requirement of PHP 5.1.0 or later for running the application Usage of GD Library for image manipulation and generation Description Non compliant code This PHP script generates a simple captcha image with ...
Insecure session expiration time - PHP
Need Enforce secure session expiration time Context Usage of PHP 7.0 for server-side scripting and web development Usage of the Str library for string manipulation and operations Description Non compliant code // config/session.php return [ 'driver' ...
Improper resource allocation - PHP
Need Efficient resource allocation and management Context Requirement of PHP 7.0 or later for executing the code Usage of Request for making HTTP requests Usage of SomeExpensiveResource for accessing a resource that requires high computational or ...
Lack of data validation - Path Traversal - PHP
Need Implementation of robust data validation and input sanitization mechanisms Context Usage of PHP for server-side scripting and web development Description Non compliant code In the above ...
Concurrent sessions - PHP
Need Enforce session management and limit concurrent user sessions Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Auth for user authentication and authorization Description ...
Remote File Inclusion - PHP
Need Prevention of remote file inclusion attacks Context Usage of PHP 5.0+ for server-side scripting and web development Description Non compliant code The above PHP script is vulnerable to ...
Sensitive information stored in logs - PHP
Need Secure handling of sensitive information in logs Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of Illuminate\Support\Facades\Log for ...
Insecure encryption algorithm - PHP
Need Implementation of secure encryption algorithms Context Usage of PHP for server-side scripting and web development Usage of OpenSSL for cryptographic operations and secure communication Description Non compliant code In the above code, the ...
Cracked weak credentials - PHP
Need Enhancement of password security measures Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for user-related functionality Usage of Auth for implementing ...
HTML code injection - PHP
Need Prevention of HTML code injection attacks Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user data and authentication Description Non ...
Insecurely generated cookies - PHP
Need Secure generation and management of cookies Context Usage of PHP for server-side scripting and web development Usage of Request for making HTTP requests Usage of Response for handling HTTP responses Usage of cookie for handling HTTP cookies in ...
Business information leak - PHP
Need Protection of sensitive business information from unauthorized access or leakage Context Usage of PHP 7.0+ for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of the User ...
Technical information leak - PHP
Need Protection of sensitive technical information from unauthorized access Context Usage of PHP for server-side scripting and web development Description Non compliant code $info "; ?> The ...
ViewState not encrypted - PHP
Need Secure encryption of ViewState data Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of Session facade in Laravel's Illuminate\Support\Facades ...
Insecure generation of random numbers - PHP
Need Secure generation of random numbers Context Usage of PHP for server-side scripting and web development Usage of rand for generating random numbers or values Description Non compliant code public function generateRandomNumber() { return rand(); } ...
Password change without identity check - PHP
Need Enforce strong identity verification for password changes Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of Auth for user authentication and authorization Usage of Hash for ...
Spoofing - PHP
Need Prevention of unauthorized access and impersonation Context Usage of PHP for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for user-related functionality Description Non ...
Sensitive information sent via URL parameters - PHP
Need Protection of sensitive information during transmission Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the App\User module for user-related functionality Usage of a view ...
Inadequate file size control - PHP
Need Implementation of file size validation and restriction Context Requirement of PHP 5.6 or later for running the application Usage of Request for making HTTP requests Usage of public_path for specifying the public directory path in a web ...
Insecure file upload - PHP
Need Secure file upload process Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Description Non compliant code public function uploadFile(Request $request) { ...
User enumeration - PHP
Need Prevention of user enumeration Context Usage of PHP 7.0 for server-side scripting and web development Usage of Request for making HTTP requests Usage of the User dependency for managing user-related functionality Usage of Hash for secure ...
Use of an insecure channel - PHP
Need Secure transmission of sensitive information Context Usage of PHP for server-side web development Usage of GuzzleHttp for making HTTP requests in PHP Description Non compliant code public function sendData($data){ $url = ...
XPath injection - PHP
Need Implementation of proper input validation and sanitization to prevent XPath injection attacks. Context Usage of PHP 5.0+ for server-side scripting and web development Usage of DOMDocument for HTML parsing and manipulation Usage of DOMXPath for ...
Administrative credentials stored in cache memory - PHP
Need Secure storage of administrative credentials Context Usage of PHP 7.0 for server-side scripting and web development Usage of Illuminate\Http\Request for handling HTTP requests in Laravel Usage of Illuminate\Support\Facades\Cache for caching ...
Sensitive information sent insecurely - PHP
Need Secure transmission of sensitive information Context Usage of PHP 7.0+ for developing web applications Usage of Request for making HTTP requests in Node.js Usage of Auth for user authentication and authorization Usage of a client library for ...
Insecure encryption algorithm - SSL/TLS - PHP
Need Implementation of secure encryption algorithms and disabling insecure TLS protocol versions Context Usage of PHP for server-side web development Usage of Illuminate/Http for handling HTTP requests and responses in Laravel Description Non ...
Insecure authentication method - Basic - PHP
Need Implementation of a secure authentication method Context Requirement of PHP 7.0 or later for running the application Usage of Laravel framework for PHP web development Description Non compliant code Route::get('/user', function () { if ...