Tech »  Topic »  Multiple PHP Vulnerabilities Enables SQLi and DoS Attacks – Update Now

Multiple PHP Vulnerabilities Enables SQLi and DoS Attacks – Update Now

1 day, 14 hours ago   gbhackers

Security researchers have disclosed two significant vulnerabilities in PHP, the popular server-side scripting language, that could allow attackers to launch SQL injection (SQLi) and Denial of Service (DoS) attacks.

According to the report, Administrators and developers are urged to update their PHP installations immediately to mitigate these risks.

CVE ID Component Severity Affected Versions Patched Versions
CVE-2025-1735 pgsql extension Moderate <8.1.33, <8.2.29, <8.3.23, <8.4.10 8.1.33, 8.2.29, 8.3.23, 8.4.10
CVE-2025-6491 SOAP extension Moderate <8.1.33, <8.2.29, <8.3.23, <8.4.10 8.1.33, 8.2.29, 8.3.23, 8.4.10

Overview of the Vulnerabilities

1. SQL Injection and Crash via pgsql Extension (CVE-2025-1735)

A moderate-severity flaw has been identified in PHP’s pgsql extension, which is used to interface with PostgreSQL databases.

The vulnerability arises because the extension ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE