exploitDog

GHSA-mvqw-3jfw-q6hw

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.

Ссылки

EPSS

Процентиль: 73%

0.00754

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2018-11031

CVSS3: 9.8

nvd

больше 7 лет назад

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.

EPSS

Процентиль: 73%

0.00754

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-918