PkgRadar

Composer · packagist.org

con4gis/core

Php Base64 Eval Chain, Php Backtick With Decode, Php Shell With Decode

Why PkgRadar flagged v8.0.21

SeveritySignalEvidence
highPhp Base64 Eval ChainKuestenschmiede-CoreBundle-c12e552/src/Classes/C4GImport.php
highPhp Base64 Eval ChainKuestenschmiede-CoreBundle-c12e552/src/Classes/Callback/C4GImportDataCallback.php
highPhp Backtick With DecodeKuestenschmiede-CoreBundle-c12e552/src/Classes/C4GImport.php
highPhp Shell With DecodeKuestenschmiede-CoreBundle-c12e552/src/Classes/Callback/C4GImportDataCallback.php
highPhp Backtick With DecodeKuestenschmiede-CoreBundle-c12e552/src/Classes/Callback/C4GImportDataCallback.php

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v8.0.21Review392026-06-23

Block this in CI

PkgRadar gates con4gis/core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer con4gis/[email protected]
Start free — 25 scans / moView full evidence