Lucene search
K

310 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/09 6:45 p.m.10 views

CVE-2026-8193

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/09 6:45 p.m.42 views

CVE-2026-8193 Akaunting Invoice PDF Rendering dompdf.php server-side request forgery

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.17 views

PT-2026-39405

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.10 views

Akaunting 代码问题漏洞

Akaunting is an application software developed by Akaunting Company that provides all the tools needed for online fund management. Version 3.1.21 of Akaunting has a code vulnerability; this vulnerability stems from an unknown processing in the Invoice PDF Rendering component’s config/dompdf.php...

6.5CVSS6.6AI score0.00206EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/08 10:22 p.m.9 views

Kimai has an arbitrary file read in its invoice PDF renderer (admin)

Summary Users with the role System-Admin ROLESYSTEADMIN and the permission uploadinvoicetemplate can upload PDF invoice templates, which can call pdfContext.setOption'associatedfiles', ... inside the sandboxed Twig render. This is forwarded to mPDF's SetAssociatedFiles, whose writer calls...

4.9CVSS5.8AI score0.00278EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 12:57 a.m.9 views

Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Summary FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when it navigates to the URL. An attacker who controls DNS for a hostname...

5.3CVSS5.8AI score0.00186EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/07 12:57 a.m.5 views

GHSA-2PMR-289P-44R3 Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Summary FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when it navigates to the URL. An attacker who controls DNS for a hostname...

5.3CVSS5.8AI score0.00186EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/15 9:30 p.m.5 views

EUVD-2026-23052

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.4AI score0.00336EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/10 1:23 a.m.7 views

CVE-2026-31017

A Server-Side Request Forgery SSRF vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application...

9.1CVSS6.1AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 6:34 p.m.4 views

EUVD-2026-20511

A Server-Side Request Forgery SSRF vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application...

6.1AI score0.00245EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 5:21 p.m.6 views

CVE-2026-31017

A Server-Side Request Forgery SSRF vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application...

9.1CVSS0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.6 views

PT-2026-31332

Name of the Vulnerable Software and Affected Versions ERPNext version 16.0.1 Frappe Framework version 16.1.1 Description A Server-Side Request Forgery SSRF exists in the Print Format functionality. Insufficient sanitization of user-supplied HTML before PDF rendering allows attackers to include HT...

9.1CVSS5.9AI score0.00245EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/08 12:0 a.m.19 views

CVE-2026-31017

A Server-Side Request Forgery SSRF vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application...

0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 12:0 a.m.8 views

CVE-2026-31017

A Server-Side Request Forgery SSRF vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application...

6.1AI score0.00245EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31507

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A cryptographic flaw exists in PDFium, a component of Google Chrome. This flaw could allow an attacker to read sensitive information from encrypted PDFs by conducting a brute-force...

9.6CVSS5.8AI score0.00608EPSS
Exploits0References65
CVE
CVE
added 2026/04/08 12:0 a.m.23 views

CVE-2026-31017

The connected PT-2026-31332 entry confirms a concrete SSRF vulnerability in ERPNext v16.0.1 and Frappe Framework v16.1.1, arising from insufficient sanitization of HTML in the Print Format function before PDF rendering. This allows user-supplied HTML (e.g., iframe elements) to trigger the server-...

9.1CVSS6.1AI score0.00245EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2026/03/31 8:16 p.m.6 views

CVE-2026-34367 InvoiceShelf: SSRF in Invoice PDF Rendering via Unsanitised HTML in Notes Field

InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...

7.6CVSS5.8AI score0.00261EPSS
Exploits1References4
CVE
CVE
added 2026/03/31 8:16 p.m.9 views

CVE-2026-34367

InvoiceShelf (open-source web/mobile app) is affected by a Server-Side Request Forgery (SSRF) in the PDF generation module prior to version 2.2.0. User-supplied HTML in the Notes field is passed unsanitised to the Dompdf renderer, which fetches remote resources referenced in the markup. The vulne...

8.7CVSS5.8AI score0.00261EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/31 8:5 p.m.21 views

CVE-2026-34366 InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field

InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...

7.6CVSS0.00245EPSS
Exploits1References2
CVE
CVE
added 2026/03/31 8:5 p.m.10 views

CVE-2026-34366

CVE-2026-34366 affects InvoiceShelf prior to v2.2.0. An SSRF exists in the Payment receipt PDF generation module where user-supplied HTML in the Notes field is passed unsanitised to the Dompdf renderer, allowing remote resources to be fetched. The issue is exploitable directly via the PDF receipt...

8.1CVSS5.8AI score0.00245EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder