Lucene search
K

75 matches found

NVD
NVD
added 2018/11/07 5:29 a.m.17 views

CVE-2018-19047

mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a 'img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you allow users to pass HT...

10CVSS9.4AI score0.02084EPSS
Exploits1References1
OSV
OSV
added 2018/11/07 5:29 a.m.10 views

CVE-2018-19047

mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a 'img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you allow users to pass HT...

10CVSS9.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2018/11/07 5:0 a.m.16 views

CVE-2018-19047

mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a 'img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you allow users to pass HT...

6.8AI score0.02084EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/07 5:0 a.m.19 views

CVE-2018-19047

mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a 'img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you allow users to pass HT...

9.4AI score0.02084EPSS
Exploits1References1
CVE
CVE
added 2018/11/07 5:0 a.m.80 views

CVE-2018-19047

CVE-2018-19047 concerns mPDF up to version 7.1.6 where SSRF is possible when mPDF is deployed as a web app that accepts arbitrary HTML. The credible details across connected docs describe an SSRF path demonstrated by an <img src="http://192.168…> trigger calling getImage in Image/ImageProce...

10CVSS9.3AI score0.02084EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/11/07 12:0 a.m.7 views

PT-2018-14766 · Mpdf · Mpdf

Name of the Vulnerable Software and Affected Versions: mPDF versions prior to 7.1.7 Description: The issue allows for Server-Side Request Forgery SSRF if mPDF is deployed as a web application that accepts arbitrary HTML. This can be demonstrated by an substring that triggers a call to getImage in...

10CVSS9.4AI score0.02084EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

mPDF <= 5.3 File Disclosure

No description provided by source. Exploit Title: mPDF = 5.3 File Disclosure Google Dork: Please no dork Date: 16th December 2011 Author: ZadYree Software Link: http://www.mpdf1.com/mpdf/download Version: 5.3 and prior Tested on: Multiple CVE : N/A !/usr/bin/perl -U =head1 TITLE mPDF = 5.3 File...

7.1AI score
Exploits0
NVD
NVD
added 2012/10/25 5:55 p.m.11 views

CVE-2011-5219

Directory traversal vulnerability in examples/showcode.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...

5CVSS6.7AI score0.09156EPSS
Exploits1References4
Prion
Prion
added 2012/10/25 5:55 p.m.14 views

Directory traversal

Directory traversal vulnerability in examples/showcode.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...

5CVSS7.2AI score0.09156EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2012/10/25 5:0 p.m.13 views

CVE-2011-5219

Directory traversal vulnerability in examples/showcode.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...

6.7AI score0.09156EPSS
Exploits1References4
CVE
CVE
added 2012/10/25 5:0 p.m.48 views

CVE-2011-5219

CVE-2011-5219: A directory traversal flaw affects mPDF

5CVSS6.9AI score0.09156EPSS
Exploits1References4Affected Software1
myhack58
myhack58
added 2011/12/18 12:0 a.m.20 views

mPDF <= 5.3 file disclosure and fix-vulnerability warning-the black bar safety net

Title: mPDF = 5.3 File Disclosure Author: ZadYree Download address: http://www.mpdf1.com/mpdf/download Affected versions: 5.3 and prior Test platform: multiple !/ usr/bin/perl-U =head1 TITLE mPDF = 5.3 File Disclosure Exploit 0day =head2 SYNOPSIS -- examples/showcode.php --...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/16 12:0 a.m.25 views

mPDF 5.3 File Disclosure

Exploit Title: mPDF = 5.3 File Disclosure Google Dork: Please no dork Date: 16th December 2011 Author: ZadYree Software Link: http://www.mpdf1.com/mpdf/download Version: 5.3 and prior Tested on: Multiple CVE : N/A !/usr/bin/perl -U =head1 TITLE mPDF = 5.3 File Disclosure Exploit 0day =head2...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/12/16 12:0 a.m.16 views

mPDF 5.3 - File Disclosure

mPDF 5.3 - File Disclosure Exploit Title: mPDF 1; use c...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/12/16 12:0 a.m.20 views

mPDF <= 5.3 File Disclosure

Exploit for php platform in category web applications Exploit Title: mPDF = 5.3 File Disclosure Google Dork: Please no dork Date: 16th December 2011 Author: ZadYree Software Link: http://www.mpdf1.com/mpdf/download Version: 5.3 and prior Tested on: Multiple CVE : N/A !/usr/bin/perl -U =head1 TITL...

7.1AI score
Exploits0
Rows per page
Query Builder