CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an apiurl=file:////etc/passwdmethod=get POST request...

10CVSS7AI score0.00754EPSS

Exploits1References1

NVD•added 2018/05/14 12:29 a.m.•7 views

CVE-2018-11032

PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search function...

9.8CVSS10AI score0.0025EPSS

Exploits1References1

Prion•added 2018/05/14 12:29 a.m.•11 views

Sql injection

PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search function...

7.5CVSS9.9AI score0.0025EPSS

Exploits1References1Affected Software1

OSV•added 2018/05/14 12:29 a.m.•1 views

CVE-2018-11032

PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search function...

9.8CVSS5.8AI score

Exploits0References1

Prion•added 2018/05/14 12:29 a.m.•16 views

Cross site request forgery (csrf)

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an apiurl=file:////etc/passwd&apimethod=get POST request...

10CVSS9.4AI score0.00754EPSS

Exploits1References1Affected Software1

CVE•added 2018/05/14 12:0 a.m.•37 views

CVE-2018-11032

PHPRAP 1.0.4–1.0.8 contains a SQL Injection vulnerability in the search() function of application/home/controller/project.php. All sources consistently describe an input-driven SQL injection in the project search path, enabling arbitrary SQL execution via malicious input. The affected component i...

9.8CVSS9.9AI score0.0025EPSS

Exploits1References1Affected Software1

CNVD•added 2018/05/14 12:0 a.m.•1 views

PHPRAP SQL Injection Vulnerability

PHPRAP is a PHP-based lightweight open source document management system . A SQL injection vulnerability exists in PHPRAP versions 1.0.4 through 1.0.8. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'search' function in the...

9.8CVSS8.6AI score0.0025EPSS

Exploits1References1

Cvelist•added 2018/05/14 12:0 a.m.•8 views

CVE-2018-11031

application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an apiurl=file:////etc/passwd&apimethod=get POST request...

9.5AI score0.00754EPSS

Exploits1References1

Cvelist•added 2018/05/14 12:0 a.m.•8 views

CVE-2018-11032

PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search function...

10AI score0.0025EPSS

Exploits1References1

CVE•added 2018/05/14 12:0 a.m.•37 views

CVE-2018-11031

PHPRAP 1.0.4–1.0.8 is affected by a server-side request forgery (SSRF) in the file application/home/controller/debug.php, exploitable via the /debug URI. The issue is triggered by crafted input such as api[url]=file:////etc/passwd and api[method]=get in a POST request, enabling an attacker to ind...

10CVSS9.3AI score0.00754EPSS

Exploits1References1Affected Software1

CNVD•added 2018/05/14 12:0 a.m.•1 views

PHPRAP Server-Side Request Forgery Vulnerability

PHPRAP is a PHP lightweight open source API interface document management system . A server-side request forgery vulnerability exists in the application/home/controller/debug.php file in PHPRAP versions 1.0.4 through 1.0.8. This vulnerability can be exploited to perform server-side request forger...

10CVSS9.4AI score0.00754EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by