CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE VIEW: Weaknesses in Software Written in PHP

View ID: 661
Structure: Implicit Slice
Status: Draft
Presentation Filter:
+ View Data

View Objective

This view (slice) covers issues that are found in PHP programs that are not common to all languages.

View Filter: .//Applicable_Platforms//@Language_Name='PHP'

+ Relationships
Weakness VariantWeakness Variant Deserialization of Untrusted Data - (502)
Weakness BaseWeakness Base Dynamic Variable Evaluation - (627)
Weakness BaseWeakness Base Executable Regular Expression Error - (624)
Weakness BaseWeakness Base External Initialization of Trusted Variables or Data Stores - (454)
Weakness BaseWeakness Base Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') - (98)
Weakness BaseWeakness Base Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') - (95)
Weakness BaseWeakness Base Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') - (96)
Weakness BaseWeakness Base Improperly Controlled Modification of Dynamically-Determined Object Attributes - (915)
Weakness VariantWeakness Variant Incomplete Identification of Uploaded File Variables (PHP) - (616)
Weakness BaseWeakness Base Information Exposure Through an Error Message - (209)
Weakness BaseWeakness Base Information Exposure Through Externally-generated Error Message - (211)
Weakness BaseWeakness Base Insecure Default Variable Initialization - (453)
Weakness VariantWeakness Variant Null Byte Interaction Error (Poison Null Byte) - (626)
Weakness BaseWeakness Base Omitted Break Statement in Switch - (484)
Weakness BaseWeakness Base Permissive Regular Expression - (625)
Weakness VariantWeakness Variant PHP External Variable Modification - (473)
Weakness BaseWeakness Base Unrestricted Upload of File with Dangerous Type - (434)
Weakness BaseWeakness Base Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') - (470)
Weakness BaseWeakness Base Use of Function with Inconsistent Implementations - (474)
Weakness VariantWeakness Variant Use of Uninitialized Variable - (457)
Weakness BaseWeakness Base Variable Extraction Error - (621)
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Description, Name, View_Filter, View_Structure
Previous Entry Names
Change DatePrevious Entry Name
2008-09-09Weaknesses found in the PHP Language
+ View Metrics
CWEs in this viewTotal CWEs
Total21out of1005
Views0out of33
Categories0out of244
Weaknesses21out of720
Compound_Elements0out of8

More information is available — Please select a different filter.
Page Last Updated: January 19, 2017