6 matches found
CVE-2022-41343
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
Exploit for Files or Directories Accessible to External Parties in Dompdf_Project Dompdf
CVE-2022-41343 ๐ Python Exploit for CVE-2022-41343 Staged Rev...
CVE-2022-41343
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
CVE-2022-41343
CVE-2022-41343 affects Dompdf before 2.0.1, where registerFont in FontMetrics.php allows remote file inclusion because URI validation fails to stop font registration. Exploit PoCs and Python scripts/staged reverse-shell demos exist (e.g., via @font-face). Impact is remote access to font assets po...
CVE-2022-41343
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...
Remote file inclusion
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...