File content as of revision 1:efe9cad8942f:

// Functions known to cause issues in PHP code.
// To add new issues use the format: function name[=>][[N]][description]
//	(where N is a severity rating of 1 (Critical) to 3 (Medium) (or optionally, 0 for 'normal'))
//
// NB - function names are case-sensitive for this file
//
// Untrusted Data
$_REQUEST=>Population of PHP's global arrays can result in server side variables being overwritten by user-submitted data. This functionality is best avoided and should be used with extreme caution. Manually review this section of code to ensure safe usage.

// Command execution
shell_exec=>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
system=>This function allows execution of commands. It is dangerous with user controlled parameters and may facilitate direct attacks against the web server.
exec =>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
popen=>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
passthru=>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
proc_open=>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
pcntl_exec=>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.

// Code execution
eval =>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
assert =>This function will evaluate PHP code. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
preg_replace=>This function will evaluate PHP code. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.
create_function=>This function allows execution of commands. It is dangerous when used with user controlled parameters and may facilitate direct attacks against the web server. Conduct a manual review of this section to ensure safe usage.

// Information disclosure
phpinfo =>This debugging function can expose sensitive data to an attacker. Perform a manual check to ensure that its out put data is not visible to normal users.
show_source=>Shows the PHP source

// Development functionality
$_GET['debug']=>The codebase appears to contain test functionality which may be abused by an attacker. Carry out a manual check to determine whether the codepath is executable.
$_GET['test']=>The codebase appears to contain test functionality which may be abused by an attacker. Carry out a manual check to determine whether the codepath is executable.

// Unsafe Randomisation
mt_rand=>[3]The application uses pseudo-random number generation that is not cryptographically secure. Carry out a manual check to ensure this is not being used in a process that requires cryptographically secure random numbers.

// Insecure cryptographic functions
md5=>[3] MD5 Hashing algorithm.
CRYPT_STD_DES=>[2] Standard DES-based hash with a two character salt.
CRYPT_EXT_DES=>[3] Extended DES-based hash with a 9 character salt.
CRYPT_MD5=>[3] Crypt MD5 function. Whilst this function uses a twelve character salt it is still MD5.
mcrypt_cbc=>[3] Deprecated function. Use mcrypt_generic
mcrypt_cfb=>[3] Deprecated function. Use mcrypt_generic 
mcrypt_ecb=>[3] Deprecated function. Use mcrypt_generic
mcrypt_ofb=>[3] Deprecated function. Use mcrypt_generic
mcrypt_generic_end=>[3] Deprecated function. Use mcrypt_generic_deinit()

// File system
fopen
tmpfile