Filtered by vendor Gouguoyin
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-11031 | 1 Gouguoyin | 1 Phprap | 2018-06-19 | 10.0 HIGH | 9.8 CRITICAL |
application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request. | |||||
CVE-2018-11032 | 1 Gouguoyin | 1 Phprap | 2018-06-19 | 7.5 HIGH | 9.8 CRITICAL |
PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function. |