Security
Static IV used with AES in CBC mode. Static IVs enable chosen-plaintext attacks against encrypted data.
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-329: Generation of Predictable IV with CBC Mode
OWASP:
- A02:2021 - Cryptographic Failures
Do not call ‘extract()’ on user-controllable data. If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures
Detected non-constant file inclusion. This can lead to local file inclusion (LFI) or remote file inclusion (RFI) if user input reaches this statement. LFI and RFI could lead to sensitive files being obtained by attackers. Instead, explicitly specify what to include. If that is not a viable solution, validate user input thoroughly.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
OWASP:
- A03:2021 - Injection
Calling unserialize() with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. Google Protocol Buffers).
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures
Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-287: Improper Authentication
OWASP:
- A02:2017 - Broken Authentication
- A07:2021 - Identification and Authentication Failures
It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use password_hash($PASSWORD, PASSWORD_BCRYPT, $OPTIONS).
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
Using user input when deleting files with unlink() is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
OWASP:
- A05:2017 - Broken Access Control
- A01:2021 - Broken Access Control
The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-190: Integer Overflow or Wraparound
Access-Control-Allow-Origin response header is set to "*". This will disable CORS Same Origin Policy restrictions.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-346: Origin Validation Error
OWASP:
- A07:2021 - Identification and Authentication Failures
FTP allows for unencrypted file transfers. Consider using an encrypted alternative.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-319: Cleartext Transmission of Sensitive Information
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
Executing non-constant commands. This can lead to command injection.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Dangerous function FUNCS with payload DATA
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
Calling assert with user input is equivalent to calling eval() on it.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’)
OWASP:
- A03:2021 - Injection
Redirecting to the current request URL may redirect to another domain, if the current path starts with two slashes. E.g. in https://www.example.com//attacker.com, the value of REQUEST_URI is //attacker.com, and redirecting to it will redirect to that domain.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’)
OWASP:
- A05:2017 - Broken Access Control
- A01:2021 - Broken Access Control
Evaluating non-constant commands. This can lead to command injection.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection
Detected usage of weak crypto function. Consider using stronger alternatives.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-328: Use of Weak Hash
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-676: Use of Potentially Dangerous Function
The ‘phpinfo’ function may reveal sensitive information about your environment.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP:
- A01:2021 - Broken Access Control
SSL verification is disabled but should not be (currently CURLOPT_SSL_VERIFYPEER = $IS_VERIFIED)
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-319: Cleartext Transmission of Sensitive Information
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
Executing non-constant commands. This can lead to command injection. You should use escapeshellarg() on any argument used when constructing the command.
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection
Backticks use may lead to command injection vulnerabilities.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection
Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. The eval modifier (e) evaluates the replacement argument as code.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection
Make sure comparisons involving md5 values are strict (use ===, not ==) to avoid type juggling issues.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-697: Incorrect Comparison