Composer · packagist.org
zealphp/zealphp
Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.
Why PkgRadar flagged v0.4.8
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/src/App.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/src/CGI/WorkerPool.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/src/Middleware/BasicAuthMiddleware.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/src/fork_master.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/src/pool_worker.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/tests/Unit/CompressionMiddlewareTest.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · sibidharan-zealphp-f323250/tests/Unit/Middleware/CompressionExtraTest.php |
| high | Php Remote Fetch Exec Combo | Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern. · sibidharan-zealphp-f323250/src/utils.php |
| high | Php Remote Fetch Exec Combo | Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern. · sibidharan-zealphp-f323250/tests/Integration/CoroutineIsolationContractTest.php |
| high | Php Remote Fetch Exec Combo | Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern. · sibidharan-zealphp-f323250/tests/Integration/CoroutineLegacyBehaviorTest.php |
| high | Php Remote Fetch Exec Combo | Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern. · sibidharan-zealphp-f323250/tests/Integration/PhpInputIsolationTest.php |
| high | Php Remote Fetch Exec Combo | Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern. · sibidharan-zealphp-f323250/tests/Integration/TrustBarIsolationTest.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.4.8 | High risk | 186 | 2026-06-10 |
v0.4.6 | High risk | 186 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem composer zealphp/[email protected]