Phprap
by Gouguoyin
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11032 | Cri | 0.64 | 9.8 | 0.01 | May 14, 2018 | PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function. | ||
| CVE-2018-11031 | Cri | 0.64 | 9.8 | 0.02 | May 14, 2018 | application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request. |
- risk 0.64cvss 9.8epss 0.01
PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function.
- risk 0.64cvss 9.8epss 0.02
application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.