CVE-2018-19784

The str_rot_pass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
php-proxyphp-proxy
5.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Athlon1600/php-proxy-app/issues/139
https://github.com/eddietcc/CVE-Bins/blob/master/PHP-Proxy/readme.md
https://github.com/Athlon1600/php-proxy-app/issues/139
https://github.com/eddietcc/CVE-Bins/blob/master/PHP-Proxy/readme.md