This is a simple set of things to grep for that will help identify potential vulnerabilities in PHP code.
Symantec Web Gateway versions 5.2.2 and below suffer from an OS command injection vulnerability in new_whitelist.php.
The Atlassian HipChat plugin for various products leaks the secret key it uses to communicate with a linked HipChat instance.
Gentoo Linux Security Advisory 201610-1 - Groovy is vulnerable to remote execution of arbitrary code when Java serialization is used. Versions less than 2.4.5 are affected.
Debian Linux Security Advisory 3688-1 - Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.
Gentoo Linux Security Advisory 201610-2 - Multiple vulnerabilities have been found in Apache, the worst of which could allow HTTP request smuggling attacks or a Denial of Service condition. Versions less than 2.4.23 are affected.
Red Hat Security Advisory 2016-2036-01 - Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss A-MQ 6.3 is a minor product release that updates Red Hat JBoss A-MQ 6.2.1, and includes several bug fixes and enhancements.
Red Hat Security Advisory 2016-2035-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss Fuse 6.3 is a minor product release that updates Red Hat JBoss Fuse 6.2.1, and includes several bug fixes and enhancements.
Debian Linux Security Advisory 3687-1 - Two vulnerabilities were reported in NSPR, a library to abstract over operating system interfaces developed by the Mozilla project.
Billion Router 7700NR4 remote root command execution exploit.
Just Dial Clone Script suffers from a remote SQL injection vulnerability.
MLM Unilevel Plan Script version 1.0.2 suffers from a remote SQL injection vulnerability.
B2B Portal Script suffers from a remote blind SQL injection vulnerability.
Comodo Chromodo Browser suffers from an unquoted service path privilege escalation vulnerability.
Advance MLM Script suffers from a remote SQL injection vulnerability.
Witbe suffers from a remote code execution vulnerability.
Comodo Dragon Browser suffers from an unquoted service path privilege escalation vulnerability.
PHP Classifieds Rental Script suffers from a remote blind SQL injection vulnerability.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
VX Search Enterprise version 9.0.26 suffers from a buffer overflow vulnerability.
Sync Breeze Enterprise version 8.9.24 suffers from a buffer overflow vulnerability.
Dup Scout Enterprise version 9.0.28 suffers from a buffer overflow vulnerability.
Disk Sorter Enterprise version 9.0.24 suffers from a buffer overflow vulnerability.
Disk Savvy Enterprise version 9.0.32 suffers from a buffer overflow vulnerability.