Lucene search
GoogleOSV:GHSA-48R9-4V93-X4WHHistoryMay 17, 2022 - 5:29 a.m.
DOMPDF Remote File Inclusion Vulnerability
2022-05-1705:29:50
Google
osv.dev
7
dompdf
remote file inclusion
php
vulnerability
dompdf 0.6.0 beta1
arbitrary code execution
url
input file parameter
software
PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter.
References
www.exploit-db.com/exploits/14851
github.com/dompdf/dompdf
github.com/dompdf/dompdf/commit/23a693993299e669306929e3d49a4a1f7b3fb028
github.com/dompdf/dompdf/releases/tag/v0.6.2
github.com/dompdf/dompdf/wiki/Securing-dompdf
github.com/FriendsOfPHP/security-advisories/blob/master/dompdf/dompdf/CVE-2010-4879.yaml
nvd.nist.gov/vuln/detail/CVE-2010-4879
Related
cvelist
cvelist
CVE-2010-4879
2011-10-07 10:00:00
debiancve
debiancve
CVE-2010-4879
2011-10-07 10:55:08
nvd
nvd
CVE-2010-4879
2011-10-07 10:55:08
github
github
DOMPDF Remote File Inclusion Vulnerability
2022-05-17 05:29:50
prion
prion
Remote file inclusion
2011-10-07 10:55:00
exploitdb
exploitdb
dompdf 0.6.0 beta1 - Remote File Inclusion
2010-09-01 00:00:00
cve
cve
CVE-2010-4879
2011-10-07 10:55:08
friendsofphp
friendsofphp
PHP remote file inclusion vulnerability in dompdf.php
2014-03-10 21:57:58
Remote Code Execution (complement of CVE-2014-2383)
2015-12-07 00:07:13
PHP remote file inclusion vulnerability in dompdf.php
2014-03-10 21:57:58