    Security

    Static IV used with AES in CBC mode. Static IVs enable chosen-plaintext attacks against encrypted data.
    Likelihood: HIGH
    Confidence: HIGH
    CWE:
    - CWE-329: Generation of Predictable IV with CBC Mode
    OWASP:
    - A02:2021 - Cryptographic Failures
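
The flagged static-IV pattern next to a per-message IV, as an added example that is not part of the CodeAnt rule text. `$key` is a constructed demo key; in production it comes from a secret store.

```php
<?php
declare(strict_types=1);
// Added example (not from the CodeAnt rule text). Demo key below is constructed.

const CIPHER = 'aes-256-cbc';

// Flagged pattern: the IV never changes, so equal plaintexts under the same key produce
// equal ciphertexts, which is exactly the comparison a chosen-plaintext attacker relies on.
function encryptStaticIv(string $plaintext, string $key): string
{
    $iv = str_repeat("\0", openssl_cipher_iv_length(CIPHER));
    return openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $iv);
}

// Corrected: a fresh random IV per message, sent in front of the ciphertext
// (the IV is not secret, it only has to be unpredictable).
function encryptRandomIv(string $plaintext, string $key): string
{
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER));
    $ct = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $iv);
    return $iv . $ct;
}

function decryptRandomIv(string $blob, string $key): string
{
    $ivLen = openssl_cipher_iv_length(CIPHER);
    $pt = openssl_decrypt(substr($blob, $ivLen), CIPHER, $key, OPENSSL_RAW_DATA, substr($blob, 0, $ivLen));
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

// Note: CBC alone gives no integrity protection. When the whole construction is up for
// review, an authenticated mode (e.g. sodium_crypto_secretbox) is the better replacement.

$key = random_bytes(32);                  // constructed demo key
$msg = 'transfer 100 to account 42';

// Same message twice: static-IV ciphertexts are identical, random-IV ciphertexts are not,
// and the random-IV blob still round-trips.
var_dump(encryptStaticIv($msg, $key) === encryptStaticIv($msg, $key));
var_dump(encryptRandomIv($msg, $key) === encryptRandomIv($msg, $key));
var_dump(decryptRandomIv(encryptRandomIv($msg, $key), $key) === $msg);
```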

    Do not call ‘extract()’ on user-controllable data. If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-502: Deserialization of Untrusted Data
    OWASP:
    - A08:2017 - Insecure Deserialization
    - A08:2021 - Software and Data Integrity Failures
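
How extract() on request data clobbers application state and what EXTR_SKIP changes, as an added example that is not part of the CodeAnt rule text. `$request` is a constructed stand-in for `$_GET` or `$_POST`.

```php
<?php
declare(strict_types=1);
// Added example (not from the CodeAnt rule text). $request is a constructed stand-in for $_GET/$_POST.

// Flagged pattern: every key in $input becomes a local variable, including names that
// already exist, so a request carrying isAdmin=1 overrides the value the code just set.
function renderWithoutSkip(array $input): bool
{
    $isAdmin = false;
    extract($input);
    return (bool) $isAdmin;
}

// Mitigated as the rule suggests: EXTR_SKIP leaves existing variables untouched.
// Unknown keys still become new variables, so this only closes the overwrite issue.
function renderWithSkip(array $input): bool
{
    $isAdmin = false;
    extract($input, EXTR_SKIP);
    return (bool) $isAdmin;
}

// Preferable to either: read only the keys the page actually uses.
function renderExplicit(array $input): array
{
    $isAdmin = false;
    $title = (string) ($input['title'] ?? 'untitled');
    return ['isAdmin' => $isAdmin, 'title' => $title];
}

// Constructed request: one legitimate field plus a key that collides with internal state.
$request = ['title' => 'hello', 'isAdmin' => '1'];

var_dump(renderWithoutSkip($request));   // value now comes from the request
var_dump(renderWithSkip($request));      // value stays as the code set it
var_dump(renderExplicit($request));
```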

    Detected non-constant file inclusion. This can lead to local file inclusion (LFI) or remote file inclusion (RFI) if user input reaches this statement. LFI and RFI could lead to sensitive files being obtained by attackers. Instead, explicitly specify what to include. If that is not a viable solution, validate user input thoroughly.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
    OWASP:
    - A03:2021 - Injection

    Calling unserialize() on user input can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. Google Protocol Buffers).
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-502: Deserialization of Untrusted Data
    OWASP:
    - A08:2017 - Insecure Deserialization
    - A08:2021 - Software and Data Integrity Failures

    Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-287: Improper Authentication
    OWASP:
    - A02:2017 - Broken Authentication
    - A07:2021 - Identification and Authentication Failures

    It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt, e.g. password_hash($PASSWORD, PASSWORD_BCRYPT, $OPTIONS).
    Likelihood: HIGH
    Confidence: MEDIUM
    CWE:
    - CWE-327: Use of a Broken or Risky Cryptographic Algorithm
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Using user input when deleting files with unlink() is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control

    The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens.
    Likelihood: LOW
    Confidence: HIGH
    CWE:
    - CWE-190: Integer Overflow or Wraparound

    Access-Control-Allow-Origin response header is set to "*". This will disable CORS Same Origin Policy restrictions.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-346: Origin Validation Error
    OWASP:
    - A07:2021 - Identification and Authentication Failures

    FTP allows for unencrypted file transfers. Consider using an encrypted alternative.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-319: Cleartext Transmission of Sensitive Information
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Executing non-constant commands. This can lead to command injection.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Dangerous function $FUNCS with payload $DATA.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-918: Server-Side Request Forgery (SSRF)
    OWASP:
    - A10:2021 - Server-Side Request Forgery (SSRF)

    Calling assert with user input is equivalent to eval’ing.
    Likelihood: MEDIUM
    Confidence: HIGH
    CWE:
    - CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’)
    OWASP:
    - A03:2021 - Injection

    Redirecting to the current request URL may redirect to another domain, if the current path starts with two slashes. E.g. in https://www.example.com//attacker.com, the value of REQUEST_URI is //attacker.com, and redirecting to it will redirect to that domain.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’)
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control
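
Validating REQUEST_URI before using it as a Location target, so that the `//attacker.com` case from the rule is treated as a foreign URL rather than a local path; this is an added example, not part of the CodeAnt rule text, and the sample URIs are constructed.

```php
<?php
declare(strict_types=1);
// Added example (not from the CodeAnt rule text). Sample URIs below are constructed.

function localRedirectTarget(string $requestUri, string $fallback = '/'): string
{
    // Require exactly one leading slash. "//host" is a scheme-relative URL, and browsers
    // following the WHATWG URL parser treat "/\host" the same way, so both are rejected.
    if ($requestUri === '' || $requestUri[0] !== '/' || preg_match('#^/[\\\\/]#', $requestUri) === 1) {
        return $fallback;
    }
    // Second check: anything parse_url sees as carrying a host or scheme is not local.
    $parts = parse_url($requestUri);
    if ($parts === false || isset($parts['host']) || isset($parts['scheme'])) {
        return $fallback;
    }
    return $requestUri;
}

// Constructed REQUEST_URI values, including the one the rule describes.
$cases = [
    '/account/settings?tab=2',  // ordinary local path: kept as-is
    '//attacker.com',           // the case from the rule: scheme-relative, falls back to '/'
    '/\\attacker.com',          // backslash variant: falls back to '/'
    'https://attacker.com/',    // absolute URL: falls back to '/'
];
foreach ($cases as $uri) {
    printf("%-26s -> %s\n", $uri, localRedirectTarget($uri));
}

// In a request handler:
// header('Location: ' . localRedirectTarget($_SERVER['REQUEST_URI']), true, 302);
```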

    Evaluating non-constant commands. This can lead to command injection.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
    OWASP:
    - A01:2017 - Injection
    - A03:2021 - Injection

    Detected usage of weak crypto function. Consider using stronger alternatives.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-328: Use of Weak Hash
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-676: Use of Potentially Dangerous Function

    The ‘phpinfo’ function may reveal sensitive information about your environment.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
    OWASP:
    - A01:2021 - Broken Access Control

    SSL verification is disabled but should not be (currently CURLOPT_SSL_VERIFYPEER = $IS_VERIFIED).
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-319: Cleartext Transmission of Sensitive Information
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Executing non-constant commands. This can lead to command injection. Use escapeshellarg() on every argument when building the command.
    Likelihood: HIGH
    Confidence: MEDIUM
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Backticks use may lead to command injection vulnerabilities.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. The eval modifier (e) evaluates the replacement argument as code.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Make sure comparisons involving md5 values are strict (use === not ==) to avoid type juggling issues.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-697: Incorrect Comparison
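
Why a loose comparison of md5 hex strings is unsafe and what to use instead, as an added example that is not part of the CodeAnt rule text. The two digests are constructed to show the shape of the problem, not real md5 output.

```php
<?php
declare(strict_types=1);
// Added example (not from the CodeAnt rule text). $a and $b are constructed, not real digests.

// Hex digests of the form "0e" followed only by digits are numeric strings in PHP, and ==
// compares two numeric strings as numbers: "0e1111" and "0e2222" are both 0.0, so == says
// they are equal even though the bytes differ.
function looseMatch(string $stored, string $candidate): bool
{
    return $stored == $candidate;    // flagged pattern
}

function strictMatch(string $stored, string $candidate): bool
{
    return $stored === $candidate;   // fixed: byte-for-byte comparison, no juggling
}

// For anything secret, also avoid leaking timing: hash_equals() is constant-time and strict.
function constantTimeMatch(string $stored, string $candidate): bool
{
    return hash_equals($stored, $candidate);
}

$a = '0e1111';   // constructed: shaped like a digest that reads as the number zero
$b = '0e2222';   // constructed: different bytes, same numeric value

var_dump(looseMatch($a, $b));          // loose comparison treats both as zero
var_dump(strictMatch($a, $b));
var_dump(constantTimeMatch($a, $b));

// For passwords none of this applies: store password_hash() output and check it with
// password_verify(), as the MD5-as-password-hash rule above says.
```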
