CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11031

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://github.com/gouguoyin/phprap/issues/89
https://github.com/gouguoyin/phprap/issues/89

Products affected by CVE-2018-11031

Gouguoyin » Phprap » Version: 1.0.4

cpe:2.3:a:gouguoyin:phprap:1.0.4
Gouguoyin » Phprap » Version: 1.0.5

cpe:2.3:a:gouguoyin:phprap:1.0.5
Gouguoyin » Phprap » Version: 1.0.6

cpe:2.3:a:gouguoyin:phprap:1.0.6
Gouguoyin » Phprap » Version: 1.0.7

cpe:2.3:a:gouguoyin:phprap:1.0.7
Gouguoyin » Phprap » Version: 1.0.8

cpe:2.3:a:gouguoyin:phprap:1.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11031

Products

Pricing

Contact Us