PkgRadar

Composer · packagist.org

krma-cl/kcfinder

Php Base64 Eval Chain, Remote Payload

Why PkgRadar flagged v4.5.0

SeveritySignalEvidence
highPhp Base64 Eval Chain
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v4.5.0High risk572026-07-15
v4.3.0-rc.1High risk572026-07-15

Block this in CI

PkgRadar gates krma-cl/kcfinder (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer krma-cl/[email protected]
krma-cl/kcfinder — Composer security scan | PkgRadar