kuafuRace/phprap

Releases1

Frequency

Last Release almost 7 years ago

Stars119

PHPRAP，是一个PHP轻量级开源API接口文档管理系统，致力于减少前后端沟通成本，提高团队协作开发效率，打造PHP版的RAP。

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-11031 ↗	May 14, 2018Monday, 14 May 2018, 00:29	—	10 HIGH
application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.
CVE-2018-11032 ↗	May 14, 2018Monday, 14 May 2018, 00:29	—	7.5 HIGH
PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function.