PHP

Made by DeepSource
Audit required: Functions might be vulnerable to Server-Side Request Forgery (SSRF) PHP-A1013
Security
Critical

Server-Side Request Forgery (SSRF) is a vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. This can result in data leakage, unauthorized access to internal services, and in some cases, remote code execution.
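One defensive pattern that addresses this rule, as an added example that is not DeepSource's code: before the application fetches a URL, restrict the scheme, compare the host against an allow-list, and check that every address the host resolves to is public. The allow-listed host names, the resolver callback and the sample addresses are constructed for illustration.

```php
<?php
// Added example (not from DeepSource). Hosts below are assumptions for the demo.
const ALLOWED_HOSTS = ['api.example.com', 'cdn.example.com'];

// Returns true only if every address is outside private/loopback/reserved ranges.
function isPublicAddress(string $ip): bool
{
    return filter_var($ip, FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}

// $resolve lets the check run offline in tests; it defaults to gethostbynamel().
function isSafeOutboundUrl(string $url, ?callable $resolve = null): bool
{
    $resolve ??= 'gethostbynamel';
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;                                   // unparseable or relative
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;                                   // no file://, gopher://, ftp://, ...
    }
    $host = strtolower($parts['host']);
    if (!in_array($host, ALLOWED_HOSTS, true)) {
        return false;                                   // host not on the allow-list
    }
    $addresses = $resolve($host);
    if ($addresses === false || $addresses === []) {
        return false;                                   // resolution failed: do not guess
    }
    foreach ($addresses as $ip) {
        if (!isPublicAddress($ip)) {
            return false;                               // resolves into an internal range
        }
    }
    return true;
}

// Constructed resolver so the demo does not touch DNS.
$fakeResolver = static function (string $host) {
    $table = [
        'api.example.com' => ['198.51.100.10'],         // public (TEST-NET-2)
        'cdn.example.com' => ['10.0.0.5'],              // private: must be rejected
    ];
    return $table[$host] ?? false;
};

foreach (['https://api.example.com/v1/items',
          'https://cdn.example.com/asset.js',
          'http://localhost/admin',
          'file:///etc/hosts'] as $url) {
    printf("%-40s %s\n", $url, isSafeOutboundUrl($url, $fakeResolver) ? 'allowed' : 'blocked');
}
```

The address check is only meaningful if the HTTP client connects to the address that was validated; if the client performs its own lookup, a host whose DNS answer changes between the check and the request can slip through, so pin the validated address in the client (for curl, `CURLOPT_RESOLVE`) or disallow redirects and re-check each hop.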

Audit required: Functions might be vulnerable to Local File Inclusion (LFI) PHP-A1014
Security
Critical

The highlighted occurrences might be vulnerable to Local File Inclusion (LFI). LFI vulnerabilities occur when user-supplied input is used to construct a file path for operations like reading or including a file. An attacker can exploit these vulnerabilities to read or execute arbitrary files on the server, leading to information disclosure or remote code execution. To mitigate LFI vulnerabilities, avoid using user-supplied input to construct file paths. If you must use user input, make sure to validate and sanitize it thoroughly. Consider using a whitelist of allowed paths or file names. Also, keep in mind that even file paths that are not directly user-supplied can be influenced by the user, for example through HTTP headers or cookies.

Missing class doc comment PHP-D1001
Documentation
Minor

Documentation comments are helpful in understanding what that part of the code is responsible for. It is always a good idea to add documentation to your code to improve the code readability and maintainability. In addition to that, it becomes helpful when you revisit the code after a long time. Here, the class is missing the doc comment and it is recommended to add it for the reasons discussed above.

Audit required: Presence of debug function found PHP-A1012
Security
Critical

Debugging functions such as var_dump, print_r or var_export should not be kept in production code. These functions display information about the variable, which can be helpful during development. However, if the variable contains any sensitive information, the presence of these functions in production code can expose it. Therefore, it is advised to avoid using them in production.

Missing function/class method doc comment PHP-D1002
Documentation
Minor

Documentation comments are helpful in understanding what that part of the code is responsible for. It is always a good idea to add documentation to your code to improve the code readability and maintainability. In addition to that, it becomes helpful when you revisit the code after a long time. Here, the function/class method is missing the doc comment and it is recommended to add it for the reasons discussed above.

Invalid class instantiation PHP-W1012
Bug risk
Critical

The class has been incorrectly instantiated, which would cause a runtime error.

Use of FIXME/XXX/TODO encountered PHP-W1073
Documentation
Minor

You have marked this block as FIXME/TODO/XXX. Please make sure this is addressed, or remove this comment as this could be misleading.

Audit required: Use of insecure eval() function found PHP-A1000
Security
Critical

The eval() function allows execution of arbitrary PHP code. Executing code dynamically is security-sensitive and should be avoided.

Function with cyclomatic complexity higher than threshold found PHP-R1006
Anti-pattern
Minor

A function with high cyclomatic complexity can be hard to understand and maintain. Cyclomatic complexity is a software metric that measures the number of independent paths through a function. A higher cyclomatic complexity indicates that the function has more decision points and is more complex.

Invalid assignment PHP-W1032
Bug risk
Critical

The assignment is not valid and would raise an error during the runtime.

Syntax error PHP-E1111
Bug risk
Critical

Syntax error found in this file. Please refer to the error message for more information.

Audit required: Use of an insecure cipher PHP-A1007
Security
Critical

The cipher algorithm used to encrypt data is not strong. Using a weak algorithm such as RC2, RC4, DES, MD5, etc. to protect sensitive data leaves it vulnerable to several attacks.
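What the fixed code looks like, as an added example that is not DeepSource's code: authenticated encryption with AES-256-GCM through PHP's openssl extension, with a fresh random nonce per message and the authentication tag checked on decryption. The key is generated in the demo for illustration only; a real deployment loads it from a key store.

```php
<?php
// Added example (not from DeepSource). Requires ext-openssl.
const CIPHER = 'aes-256-gcm';
const TAG_LEN = 16;

// Output layout: nonce || tag || ciphertext, base64-encoded for storage.
function encryptAesGcm(string $plaintext, string $key): string
{
    if (strlen($key) !== 32) {
        throw new InvalidArgumentException('AES-256 needs a 32-byte key');
    }
    $nonce = random_bytes(openssl_cipher_iv_length(CIPHER));  // 12 bytes, never reused per key
    $tag = '';
    $ct = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag, '', TAG_LEN);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $ct);
}

function decryptAesGcm(string $encoded, string $key): string
{
    $raw = base64_decode($encoded, true);
    $nonceLen = openssl_cipher_iv_length(CIPHER);
    if ($raw === false || strlen($raw) < $nonceLen + TAG_LEN) {
        throw new RuntimeException('malformed ciphertext');
    }
    $nonce = substr($raw, 0, $nonceLen);
    $tag   = substr($raw, $nonceLen, TAG_LEN);
    $ct    = substr($raw, $nonceLen + TAG_LEN);
    // openssl_decrypt verifies the tag; any modification of nonce, tag or ciphertext fails.
    $pt = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($pt === false) {
        throw new RuntimeException('authentication failed: wrong key or modified data');
    }
    return $pt;
}

// Demo with a constructed key and message.
$key = random_bytes(32);
$token = encryptAesGcm('account=12345;limit=100', $key);
echo "round trip: ", decryptAesGcm($token, $key), "\n";

// Flip one bit of the ciphertext: GCM detects it instead of returning garbage.
$raw = base64_decode($token);
$last = strlen($raw) - 1;
$raw[$last] = chr(ord($raw[$last]) ^ 0x01);
try {
    decryptAesGcm(base64_encode($raw), $key);
} catch (RuntimeException $e) {
    echo "tampered token rejected: ", $e->getMessage(), "\n";
}
```

The tag check is what a plain RC4 or DES-CBC construction lacks: with an unauthenticated cipher, a modified ciphertext decrypts to something and the application has to notice on its own.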

Audit required: Insecure use of logger PHP-A1011
Security
Major

Logging user-provided values directly can leave the application vulnerable to multiple attack vectors. Superglobal variables contain values specified by the user, which are considered tainted and untrusted. Therefore, it is discouraged to pass these variables directly to the logger.
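One way to avoid handing raw superglobal values to the logger, as an added example that is not DeepSource's code: strip control characters (which is what lets an attacker forge extra log lines or inject terminal escape sequences), bound the length, and write user-controlled fields into a fixed-format message. The function names and the sample input are constructed for illustration.

```php
<?php
// Added example (not from DeepSource).

// Remove CR/LF and every other control character, then cap the length.
function sanitizeForLog(string $value, int $maxLen = 200): string
{
    $clean = preg_replace('/\p{Cc}/u', '', $value);     // Unicode control chars, UTF-8 aware
    if ($clean === null) {                              // invalid UTF-8: fall back to byte-wise
        $clean = preg_replace('/[\x00-\x1F\x7F]/', '', $value);
    }
    if (strlen($clean) > $maxLen) {
        $clean = substr($clean, 0, $maxLen) . '[truncated]';
    }
    return $clean;
}

// Fixed message shape; user-controlled fields are sanitized and quoted.
function logFailedLogin(string $username, string $remoteAddr): void
{
    error_log(sprintf('login-failed user="%s" ip=%s',
        sanitizeForLog($username, 64),
        sanitizeForLog($remoteAddr, 45)));
}

// Flagged form would be: error_log('login failed for ' . $_POST['user']);
// Safe form reads the same superglobals but routes them through the sanitizer:
$username   = $_POST['user'] ?? "alice\nlogin-ok user=\"admin\" ip=203.0.113.7";  // constructed
$remoteAddr = $_SERVER['REMOTE_ADDR'] ?? '203.0.113.7';                           // constructed
logFailedLogin($username, $remoteAddr);
```

Without the sanitizer the constructed input above would write two lines to the log, the second one claiming a successful admin login; with it, the injected newline is gone and the whole value stays on one quoted field.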

Audit required: Include statements might be vulnerable to injection attacks PHP-A1001
Security
Critical

The include (or require) statements are used to include and copy all the text/code/markup from an external file into the file that uses the include statement. This issue flags the use of such a statement when a user-provided value is used directly in it.

Using user-provided values to construct the include/require statement can allow an attacker to control which files are included, giving them the ability to execute arbitrary code.
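The pattern this rule flags beside two hardened forms, as an added example that is not DeepSource's code and that also covers the Local File Inclusion rule above: an allow-list mapping for include/require, and a realpath containment check for file reads where an allow-list is impractical. The page directory, page names and temporary files are constructed for the demo.

```php
<?php
// Added example (not from DeepSource). PAGE_DIR and the page names are assumptions.
const PAGE_DIR = __DIR__ . '/pages';

// Flagged: the request decides the file, so traversal sequences or php:// wrappers
// can pull in anything the web server process can read.
function renderPageUnsafe(string $page): void
{
    include PAGE_DIR . '/' . $page . '.php';            // called as renderPageUnsafe($_GET['page'])
}

// Hardened 1: the user value is only a key into a fixed allow-list.
const ALLOWED_PAGES = ['home' => 'home.php', 'about' => 'about.php', 'contact' => 'contact.php'];

function renderPage(string $page): void
{
    if (!array_key_exists($page, ALLOWED_PAGES)) {
        http_response_code(404);
        return;
    }
    include PAGE_DIR . '/' . ALLOWED_PAGES[$page];
}

// Hardened 2: canonicalise and require the result to stay inside $baseDir.
// realpath() resolves symlinks and "..", and returns false for wrappers and missing files.
function readUserFile(string $baseDir, string $relative): ?string
{
    $base = realpath($baseDir);
    $target = realpath($baseDir . '/' . $relative);
    if ($base === false || $target === false || !is_file($target)) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;                                    // resolved outside the base directory
    }
    return file_get_contents($target);
}

// Demo with constructed files: one inside the base directory, one beside it.
$root = sys_get_temp_dir() . '/lfi-demo-' . bin2hex(random_bytes(4));
mkdir($root . '/uploads', 0700, true);
file_put_contents($root . '/uploads/notes.txt', 'inside');
file_put_contents($root . '/secret.txt', 'outside');

var_export(readUserFile($root . '/uploads', 'notes.txt'));     echo "\n";
var_export(readUserFile($root . '/uploads', '../secret.txt')); echo "\n";

unlink($root . '/uploads/notes.txt');
unlink($root . '/secret.txt');
rmdir($root . '/uploads');
rmdir($root);
```

The prefix comparison uses `$base . DIRECTORY_SEPARATOR` rather than `$base` alone so that a sibling directory whose name merely starts with the base name (for example `/srv/uploads-old` next to `/srv/uploads`) is not accepted.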

Audit required: SQL query might be vulnerable to injection attacks PHP-A1002
Security
Critical

Using user-provided data while executing an SQL query can lead to SQL injection attacks. An SQL injection attack consists of the insertion or "injection" of a malformed SQL query via the input data given to an application. It is a prevalent attack vector and causes significant damage if the incoming data is not properly sanitized.

Directory created with insecure permissions PHP-A1006
Security
Critical

Excessive permissions are granted when creating a directory. This issue is raised when permissions greater than 0755 are given, or when the permissions argument is not specified when creating a directory with the mkdir() function. By default, mkdir() gives universal access (0777) to the created directory.

The permission number is a 3- or 4-digit octal number (a leading 0 marks it as octal), where the first of the three permission digits states the permissions for the file owner, the second is for the file group, and the last states the permissions for all other users. The read, write, and execute permissions have the following numeric values:

  • r (read) = 4
  • w (write) = 2
  • x (execute) = 1
  • no permissions = 0

So, as an example, to give full permissions to the file owner and read permission to the group and all other users, use 0744 when creating the directory.
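How to apply the numbers above in code, as an added example that is not DeepSource's code: a helper that builds the octal mode from the r/w/x values, a creation routine that refuses any mode granting a bit 0755 does not and that reapplies the mode after mkdir() (the process umask can only remove bits from what mkdir() is asked for), and a check of what the filesystem actually recorded. The directory name is constructed for the demo.

```php
<?php
// Added example (not from DeepSource). Directory path is a constructed temp path.

// Build a mode from symbolic owner/group/other strings, e.g. ('rwx', 'r', 'r') -> 0744.
function modeFromSymbolic(string $owner, string $group, string $other): int
{
    $bits = static function (string $s): int {
        $v = 0;
        if (strpos($s, 'r') !== false) { $v |= 4; }     // read
        if (strpos($s, 'w') !== false) { $v |= 2; }     // write
        if (strpos($s, 'x') !== false) { $v |= 1; }     // execute / traverse
        return $v;
    };
    return ($bits($owner) << 6) | ($bits($group) << 3) | $bits($other);
}

// Create $path with an explicit, bounded mode and make the result umask-independent.
function createDirWithMode(string $path, int $mode = 0755): bool
{
    // Reject any bit outside 0755: group/other write, or set-id/sticky bits.
    if (($mode & ~0755) !== 0) {
        throw new InvalidArgumentException(sprintf('mode %04o grants more than 0755', $mode));
    }
    if (is_dir($path)) {
        return chmod($path, $mode);                     // already exists: tighten in place
    }
    if (!mkdir($path, $mode, true)) {                   // flagged form would be mkdir($path)
        return false;
    }
    // mkdir() applies ($mode & ~umask); chmod() sets exactly $mode.
    return chmod($path, $mode);
}

$dir = sys_get_temp_dir() . '/perm-demo-' . bin2hex(random_bytes(4));
$wanted = modeFromSymbolic('rwx', 'r', 'r');            // 0744, the example from the text
createDirWithMode($dir, $wanted);
clearstatcache();
printf("requested %04o, filesystem reports %04o\n", $wanted, fileperms($dir) & 0777);

try {
    createDirWithMode($dir . '-open', 0777);            // the default mkdir() would grant this
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
rmdir($dir);
```

On Windows, chmod() only toggles the read-only attribute, so the reported mode there does not reflect the requested bits; the bound check and the explicit argument to mkdir() still remove the finding the rule reports.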