Q
Detector Library
PHP detectors (34/34)
Server Side Request ForgerySQL InjectionActivated Debug FeatureSensitive information leakLog InjectionOrigins-verified cross-origin communicationsCross-site scriptingDangerous Function UsagePath TraversalAvoiding Exceptions in PHPOS command injectionIncorrect ComparisonLdap Bind Without PasswordSendfile InjectionAssert UseLoose file permissionsImproper AuthenticationInsecure connectionWeak Random Number GenerationOpen RedirectAllow Url Fopen Or IncludeInsecure cryptographyObject Input Stream Insecure DeserializationCookie Without Http Only FlagCode InjectionZip bomb attackUnsafe ReflectionSecure Signal HandlingDeserialization of untrusted dataStatic Initialization Vector (IV)Coral Csrf RuleInsecure cookieImproper access controlInsecure Object Attribute Modification
Dangerous Function Usage High
It spots deprecated Mcrypt functions, pushing for a switch to secure alternatives like Sodium or openSSL. It ensures code aligns with evolving security standards, fostering resilience and compliance. This proactive approach mitigates potential security risks, enhancing the robustness PHP application.
Detector ID
php/dangerous-function-usage@v1.0
Category
Common Weakness Enumeration (CWE) 
Tags
-