Browse all 4 CVE security advisories affecting EasyPHP. AI-powered Chinese analysis, POCs, and references for each vulnerability.
EasyPHP serves as a local web development environment, enabling users to run Apache, MySQL, and PHP on Windows systems. Historically, it has been susceptible to remote code execution vulnerabilities through improper input validation and insecure default configurations, with cross-site scripting flaws also prevalent in its web interface. Privilege escalation risks have emerged due to insecure service permissions and improper handling of user-supplied data. The software's four recorded CVEs highlight persistent security concerns, particularly around default credentials and insufficient access controls. While no major public incidents have been widely documented, the vulnerability pattern suggests consistent risks in deployment and maintenance practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-53944 | EasyPHP Webserver 14.1 Path Traversal via Directory Traversal Sequences — EasyPHP WebserverCWE-22 | 6.5 | Medium | 2025-12-18 |
| CVE-2023-53941 | EasyPHP Webserver 14.1 Remote Code Execution — EasyPHP WebserverCWE-78 | 9.8 | Critical | 2025-12-18 |
| CVE-2024-11215 | Path traversal vulnerability in EasyPHP — EasyPHP web serverCWE-22 | 6.5 | Medium | 2024-11-14 |
| CVE-2023-3767 | OS command injection on EasyPHP Webserver — WebserverCWE-78 | 9.8 | Critical | 2023-09-26 |
This page lists every published CVE security advisory associated with EasyPHP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.