323 matches found
CVE-2023-23924 URI validation failure on SVG parsing in Dompdf
Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...
CVE-2023-23924
Dompdf 2.0.1 is vulnerable to URI validation bypass during SVG parsing. If an attacker provides an SVG containing a tag with uppercase letters, the parser may bypass protection and allow arbitrary URL calls via the phar wrapper. In PHP
CVE-2023-23924
Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...
Dompdf vulnerable to URI validation failure on SVG parsing
Summary: The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This might lead to arbitrary object unserialize on PHP. The bug is in src/Image/Cache.php: if ($type === "svg") { $parser = xml_parser_create("utf-8"); xml_parser_set_option($parser, ...
PT-2023-1267 · Dompdf +1 · Dompdf +1
Name of the Vulnerable Software and Affected Versions: Dompdf version 2.0.1 Dompdf versions prior to 8.0.0 Description: The issue is related to the incorrect order of authorization checks before syntax analysis and canonization when processing tags with uppercase letters in SVG parsing. This can...
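The entries above all describe the same root cause: the pre-render check that walks the SVG and validates image hrefs compares tag names case-sensitively, while the SVG renderer that later loads those hrefs does not, so an uppercase tag slips past validation and a `phar://` href reaches the file layer. The following PHP is an added illustration of that pattern and its fix; it is not dompdf's code, and the function names, the `http`/`https` allowlist and the sample SVG are constructed for the demo.

```php
<?php
// Added illustration, not dompdf's code. Function names, the scheme allowlist
// and the sample documents below are assumptions made for this demo.
declare(strict_types=1);

// Constructed samples: the same SVG written with a lowercase and an uppercase
// image tag. A case-insensitive renderer treats both as <image>.
const SVG_LOWER = '<svg xmlns="http://www.w3.org/2000/svg">'
    . '<image href="phar:///tmp/evil.phar/x.png"/></svg>';
const SVG_UPPER = '<svg xmlns="http://www.w3.org/2000/svg">'
    . '<IMAGE href="phar:///tmp/evil.phar/x.png"/></svg>';

// Walk the SVG with the expat-based parser and collect the href of every
// element whose tag name satisfies $tagTest.
function collectImageHrefs(string $svg, callable $tagTest): array
{
    $hrefs = [];
    $parser = xml_parser_create('utf-8');
    // Case folding is on by default and would uppercase every tag name; turn it
    // off so tag names arrive exactly as written in the document.
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
    xml_set_element_handler(
        $parser,
        function ($p, string $name, array $attrs) use (&$hrefs, $tagTest): void {
            if ($tagTest($name) && isset($attrs['href'])) {
                $hrefs[] = $attrs['href'];
            }
        },
        function ($p, string $name): void {}
    );
    xml_parse($parser, $svg, true);
    xml_parser_free($parser);
    return $hrefs;
}

// Allow relative references and http(s) only. Every other stream wrapper
// (phar://, file://, ftp://, ...) is rejected before any I/O happens.
function isAllowedImageUri(string $uri): bool
{
    if (!preg_match('~^([a-z][a-z0-9+.\-]*)://~i', $uri, $m)) {
        return true; // relative path; chroot handling is out of scope here
    }
    return in_array(strtolower($m[1]), ['http', 'https'], true);
}

// Returns the hrefs that the validator would block. With an exact-case tag
// comparison (the vulnerable pattern) <IMAGE> is never inspected, so its
// phar:// href is not in the returned list and would reach the renderer.
function blockedHrefs(string $svg, bool $caseInsensitive): array
{
    $tagTest = $caseInsensitive
        ? fn(string $n): bool => strtolower($n) === 'image'   // fixed
        : fn(string $n): bool => $n === 'image';              // vulnerable
    $blocked = [];
    foreach (collectImageHrefs($svg, $tagTest) as $href) {
        if (!isAllowedImageUri($href)) {
            $blocked[] = $href;
        }
    }
    return $blocked;
}

foreach (['lowercase' => SVG_LOWER, 'uppercase' => SVG_UPPER] as $label => $svg) {
    printf("%-9s exact-case check blocks: %s\n", $label,
        json_encode(blockedHrefs($svg, false)));
    printf("%-9s folded    check blocks: %s\n", $label,
        json_encode(blockedHrefs($svg, true)));
}
```

Run it with any PHP 8 interpreter: the exact-case variant blocks the lowercase document but reports nothing for the uppercase one, which is the bypass; the folded variant blocks both. The scheme check deliberately rejects anything that is not a relative reference or http(s) rather than blacklisting `phar`, since any registered stream wrapper that reaches a file function is a problem, not only the one named in the advisory.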
PDF Generator for WordPress < 1.1.2 - Reflected XSS
The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin Make a logged in admin open the following URL:...
PDF Generator for WordPress < 1.1.2 - Reflected XSS
The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin PoC Make a logged in admin open the following URL:...
PT-2023-6704 · WordPress · Pdf Generator For Wordpress
Name of the Vulnerable Software and Affected Versions: PDF Generator for WordPress plugin versions prior to 1.1.2 Description: The issue is related to a Reflected Cross-Site Scripting susceptibility in a vendored dompdf example file included in the PDF Generator for WordPress plugin. This could b...
Remote Code Execution (RCE)
dompdf/dompdf is vulnerable to remote code execution. The vulnerability exists because the registerFont function of FontMetrics.php does not properly halt the font registration when URI validation fails, such as through the @font-face rule, allowing an attacker to inject and execute maliciously...
Dompdf allows remote file inclusion because URI validation failure does not halt font registration
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
GHSA-6X28-7H8C-CHX4 Dompdf allows remote file inclusion because URI validation failure does not halt font registration
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
CVE-2022-41343
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
Remote file inclusion
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
Dompdf security vulnerability
Dompdf is an HTML to PDF converter. A security vulnerability exists in versions prior to Dompdf 2.0.1, which stems from a URI validation failure that does not stop font registration...
CVE-2022-41343
CVE-2022-41343 affects Dompdf before 2.0.1, where registerFont in FontMetrics.php allows remote file inclusion because URI validation fails to stop font registration. Exploit PoCs and Python scripts/staged reverse-shell demos exist (e.g., via @font-face). Impact is remote access to font assets po...
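The CVE-2022-41343 entries describe a control-flow bug rather than a missing check: the URI validation ran and failed, but registration continued and the font file was still fetched. The following PHP is an added illustration of that pattern next to the halting version; it is not dompdf's code, and the `FontPolicy` class, the function names, the `chroot` directory and the sample `@font-face` sources are assumptions constructed for the demo.

```php
<?php
// Added illustration, not dompdf's code. FontPolicy, the function names and the
// sample sources are assumptions for this demo. Fetching is simulated by
// writing to a log so the script runs offline and performs no I/O on the URI.
declare(strict_types=1);

final class FontPolicy
{
    public function __construct(private bool $allowRemote, private string $chroot) {}

    // Returns null when the source is acceptable, otherwise a reason string.
    public function check(string $src): ?string
    {
        if (preg_match('~^([a-z][a-z0-9+.\-]*)://~i', $src, $m)) {
            $scheme = strtolower($m[1]);
            if (in_array($scheme, ['http', 'https'], true)) {
                return $this->allowRemote ? null : 'remote fonts disabled';
            }
            return "scheme '$scheme' not allowed"; // phar://, file://, ftp://, ...
        }
        $real = realpath($src);
        if ($real === false || !str_starts_with($real, $this->chroot . DIRECTORY_SEPARATOR)) {
            return 'path outside chroot';
        }
        return null;
    }
}

// Vulnerable pattern: the failure is recorded, but execution falls through and
// the font is still fetched and registered.
function registerFontUnsafe(FontPolicy $p, string $family, string $src, array &$log): bool
{
    $reason = $p->check($src);
    if ($reason !== null) {
        $log[] = "warning: $reason ($src)";
        // missing: return false;
    }
    $log[] = "fetch $src";              // file_get_contents($src) in real code
    $log[] = "registered $family";
    return true;
}

// Fixed pattern: a validation failure halts registration before any I/O.
function registerFontSafe(FontPolicy $p, string $family, string $src, array &$log): bool
{
    $reason = $p->check($src);
    if ($reason !== null) {
        $log[] = "rejected: $reason ($src)";
        return false;
    }
    $log[] = "fetch $src";
    $log[] = "registered $family";
    return true;
}

// Constructed @font-face sources: a remote URL and a phar:// path, both of
// which the policy rejects when remote fonts are disabled.
$policy = new FontPolicy(allowRemote: false, chroot: sys_get_temp_dir());
$sources = [
    'Evil'  => 'http://fonts.example/evil.ttf',
    'Evil2' => 'phar:///tmp/evil.phar/font.ttf',
];

foreach (['registerFontUnsafe', 'registerFontSafe'] as $fn) {
    echo "== $fn ==\n";
    foreach ($sources as $family => $src) {
        $log = [];
        $ok = $fn($policy, $family, $src, $log);
        printf("%s -> %s\n  %s\n", $family, $ok ? 'registered' : 'not registered',
            implode("\n  ", $log));
    }
}
```

Running it shows the unsafe variant emitting a warning and then a `fetch` line for the same rejected source, which is exactly the shape of the bug: the check existed, its result was ignored. When auditing a loader of this kind, look for every branch where a validation helper's result is logged or stored but not used to return early, and make the fetch unreachable unless the check returned success.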