Browse all 5 CVE security advisories affecting PHP Factory. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PHP Factory develops PHP-based web applications and frameworks for enterprise solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities due to insecure input handling and authentication flaws. The organization has recorded five CVEs, primarily involving improper access controls and insecure deserialization. While no major public security incidents have been documented, their consistent vulnerability pattern suggests a need for enhanced security testing protocols. PHP Factory's offerings remain attractive to businesses but require careful implementation and regular patching to mitigate identified risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-20725 | Php Factory Calendar01 跨站脚本漏洞 — [Calendar01] free edition | 4.8 | - | 2021-05-24 |
| CVE-2021-20723 | PHP Factory MailForm01 跨站脚本漏洞 — [MailForm01] free edition | 6.1 | - | 2021-05-24 |
| CVE-2021-20724 | PHP Factory Telop01 跨站脚本漏洞 — [Telop01] free edition | 4.8 | - | 2021-05-24 |
| CVE-2020-5616 | 多款PHP Factory产品授权问题漏洞 — [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] | 8.8 | - | 2020-08-04 |
| CVE-2020-5615 | PHP Factory Calendar01和Calendar02 跨站请求伪造漏洞 — [Calendar01] and [Calendar02] | 8.8 | - | 2020-08-04 |
This page lists every published CVE security advisory associated with PHP Factory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.