CVE-2018-11031
PHPRAP 1.0.4–1.0.8 is affected by a server-side request forgery (SSRF) in the file application/home/controller/debug.php, exploitable via the /debug URI. The issue is triggered by crafted input such as api[url]=file:////etc/passwd and api[method]=get in a POST request, enabling an attacker to ind...