Athlon1600 Php-Proxy-App vulnerabilities
2 known vulnerabilities affecting athlon1600/php-proxy-app.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-19458P2HIGHCVSS 7.5PoC≥ 0, ≤ 3.02022-05-14
CVE-2018-19458 [HIGH] CWE-287 Unauthenticated File Read in PHP Proxy
Unauthenticated File Read in PHP Proxy
In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an `index.php?q=file:///` LFI URI, a different vulnerability than CVE-2018-19246.
ghsaosv
CVE-2018-19785P4MEDIUM≥ 0, < 3.02022-05-14
CVE-2018-19785 [MEDIUM] CWE-79 XSS in PHP-Proxy-App through v3.0
XSS in PHP-Proxy-App through v3.0
PHP-Proxy-App through 3.0 has Cross-Site Scripting (XSS) via the URL field in index.php.
ghsaosv