Severe security bug found in popular PHP library for creating PDF files Vulnerability patched last year, but many websites and web apps will most likely remain vulnerable for years.

Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.

Nasty bug with very simple exploit hits PHP just in time for the weekend With PoC code available and active Internet scans, speed is of the essence.

PHP Everywhere code execution bugs impact thousands of WordPress websites The remote code execution flaws are of critical severity.

As promised last year the initiative ‘Month of PHP bugs’ began on March 1st. Whereas previous efforts in the same vein — month of bugs for Mac, browsers and kernels — were new bugs, this ...

PHP bug allowing site hijacking still menaces Internet 22 months on Hackers continue to dish exploits executing malicious code on unsecured sites.

CVE-2019-11043 is trivial to exploit — and a proof of concept is available. A buffer underflow bug in PHP could allow remote code-execution (RCE) on targeted NGINX servers. First discovered ...