
PHP Rules

SAST rules for PHP that identify insecure patterns in application code.

PHP Rule Catalog

| ID | Title | Severity | Category |
|---|---|---|---|
| CODE-0745 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') | CRITICAL | Injection |
| CODE-0746 | Code Injection via Backticks | CRITICAL | Injection |
| CODE-0748 | OS Command Injection via eval() | CRITICAL | Injection |
| CODE-0749 | Command Injection via System Exec Functions | CRITICAL | Injection |
| CODE-0750 | Non-constant file inclusion | CRITICAL | Injection |
| CODE-0203 | PHP Filter Chain File Read | HIGH | Injection |
| CODE-0747 | Use of weak hash | MEDIUM | Crypto |
| CODE-0751 | Cleartext transmission of sensitive information | MEDIUM | InsecureConfig |
| CODE-0752 | Use of deprecated Mcrypt functionality | MEDIUM | Crypto |
| CODE-0753 | Exposure of sensitive system information | MEDIUM | InsecureConfig |

Total Rules: 10
