Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.

CVE-2019-11043 is trivial to exploit — and a proof of concept is available. A buffer underflow bug in PHP could allow remote code-execution (RCE) on targeted NGINX servers. First discovered ...

Nasty bug with very simple exploit hits PHP just in time for the weekend With PoC code available and active Internet scans, speed is of the essence.

More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 ...

Attackers target unpatched PHP bug allowing malicious code execution Attackers are targeting a PHP bug that can be used to remotely hijack websites.

PHP Everywhere code execution bugs impact thousands of WordPress websites The remote code execution flaws are of critical severity.

The Month of PHP Bugs is backed by the Hardened-PHP Project, which was launched by three German security researchers in 2004. "You should consider the Month of PHP Bugs a result report for just ...

As promised last year the initiative ‘Month of PHP bugs’ began on March 1st. Whereas previous efforts in the same vein — month of bugs for Mac, browsers and kernels — were new bugs, this ...