CWE Reference

CWE for php

Browse cwe for php with official CWE context and Glexia analysis.

Release starter-2026-05listing

Search And Filters

Browse CWE records

CWE-79 Weakness Base

CWE-79: Improper Neutralization of Input During Web Page Generation

Cross-site Scripting is a software weakness pattern tracked by CWE 79. The local starter record is replaced by the official MITRE CWE import when the sync pipeline runs.

JavaScript HTML TypeScript PHP Implementation Architecture and Design

CWE-89 Weakness Base

CWE-89: Improper Neutralization of Special Elements used in an SQL Command

SQL Injection is a software weakness pattern tracked by CWE 89. The local starter record is replaced by the official MITRE CWE import when the sync pipeline runs.

SQL Java PHP Python Implementation

CWE-78 Weakness Base

CWE-78: Improper Neutralization of Special Elements used in an OS Command

OS Command Injection is a software weakness pattern tracked by CWE 78. The local starter record is replaced by the official MITRE CWE import when the sync pipeline runs.

Shell Python PHP JavaScript Implementation

CWE-22 Weakness Base

CWE-22: Improper Limitation of a Pathname to a Restricted Directory

Path Traversal is a software weakness pattern tracked by CWE 22. The local starter record is replaced by the official MITRE CWE import when the sync pipeline runs.

JavaScript Python Java PHP Implementation

CWE-352 Weakness Compound

CWE-352: Cross-Site Request Forgery

Cross-Site Request Forgery is a software weakness pattern tracked by CWE 352. The local starter record is replaced by the official MITRE CWE import when the sync pipeline runs.

JavaScript HTML PHP Java Architecture and Design Implementation