There is RIPS, a static source code analyser for vulnerabilities in PHP scripts. Sources of RIPS are available at SourceForge.
From the RIPS site:
RIPS is a tool written in PHP to find vulnerabilities in PHP
applications using static code analysis. By tokenizing and parsing all
source code files RIPS is able to transform PHP source code into a
program model and to detect sensitive sinks (potentially vulnerable
functions) that can be tainted by user input (influenced by a malicious
user) during the program flow. Besides the structured output of found
vulnerabilities RIPS also offers an integrated code audit framework
for further manual analysis.
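
The source-to-sink idea in that description, as an added example that is not RIPS code and not part of the original answer: a toy taint tracker built on PHP's tokenizer. The source, sink and sanitizer lists, the function name find_tainted_sinks and the sample script are assumptions made for illustration, and the check only follows straight-line code.

```php
<?php
// Added illustration (not RIPS code): toy taint tracking over straight-line PHP.
const SOURCES    = ['$_GET', '$_POST', '$_COOKIE', '$_REQUEST'];
const SINKS      = ['system', 'exec', 'passthru', 'mysqli_query'];
const SANITIZERS = ['htmlspecialchars', 'intval', 'escapeshellarg'];
const SKIP       = [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT, T_OPEN_TAG];

function find_tainted_sinks(string $code): array
{
    $tainted = $findings = $stmt = [];
    foreach (token_get_all($code) as $tok) {
        if ($tok !== ';') {                 // collect tokens until the statement ends
            if (!is_array($tok) || !in_array($tok[0], SKIP, true)) $stmt[] = $tok;
            continue;
        }
        // "$var = <expr>": only the right-hand side decides whether $var is tainted
        $isAssign = is_array($stmt[0] ?? null) && $stmt[0][0] === T_VARIABLE
            && ($stmt[1] ?? null) === '=';
        $dirty = $sanitized = false;
        $sink = null;
        foreach ($isAssign ? array_slice($stmt, 2) : $stmt as $t) {
            if (!is_array($t)) continue;
            [$id, $text, $line] = $t;
            $fn = strtolower($text);        // PHP function names are case-insensitive
            if ($id === T_VARIABLE && (in_array($text, SOURCES, true) || isset($tainted[$text]))) $dirty = true;
            // Simplification: any sanitizer call in the statement clears the taint
            if ($id === T_STRING && in_array($fn, SANITIZERS, true)) $sanitized = true;
            if ($id === T_ECHO || $id === T_PRINT || ($id === T_STRING && in_array($fn, SINKS, true))) $sink = [$text, $line];
        }
        if ($isAssign) {
            $name = $stmt[0][1];
            if ($dirty && !$sanitized) $tainted[$name] = true; else unset($tainted[$name]);
        }
        if ($sink !== null && $dirty && !$sanitized) $findings[] = ['line' => $sink[1], 'sink' => $sink[0]];
        $stmt = [];
    }
    return $findings;
}

// Constructed sample input: two tainted flows, three clean ones.
$sample = "<?php\n" . '$name = $_GET["name"];' . "\n" . '$id = intval($_GET["id"]);' . "\n"
    . '$safe = htmlspecialchars($name);' . "\n" . 'echo "Hello $safe";' . "\n"
    . 'echo "Hello $name";' . "\n" . '$cmd = "ping " . $name;' . "\n" . 'system($cmd);' . "\n"
    . 'mysqli_query($db, "SELECT * FROM t WHERE id = $id");' . "\n";
foreach (find_tainted_sinks($sample) as $f) {
    printf("line %d: tainted data reaches %s\n", $f['line'], $f['sink']);
}
```

A real analyser also has to follow branches, function calls and includes, and has to check that a sanitizer fits the sink it protects; this sketch treats any listed sanitizer as sufficient.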