CVE-2018-19784

Name of the Vulnerable Software and Affected Versions PHP-Proxy version 5.1.0

Description The issue is related to the str rot pass function in PHP-Proxy, which uses weak cryptography. This weakness makes it easier for attackers to calculate the authorization data needed for local file inclusion. The vulnerability is also associated with unauthorized access to encryption keys, allowing a remote attacker to disclose protected information.

Recommendations For PHP-Proxy version 5.1.0, consider disabling the str rot pass function as a temporary workaround until a patch is available. Restrict access to sensitive data and encryption keys to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.