Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2026/03/30 8:49 a.m.129 views

tudo-exploits-oswe-prep

tudo-exploits-oswe-prep A project contains all exploits of vul...

6AI score
Exploits0
NVD
NVD
added 2023/02/01 12:15 a.m.29 views

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

10CVSS9.5AI score0.03572EPSS
Exploits2References3
Prion
Prion
added 2023/02/01 12:15 a.m.21 views

Remote code execution

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

7.5CVSS9.5AI score0.03572EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2023/01/31 11:54 p.m.62 views

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

10CVSS9.7AI score0.03572EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2023/01/31 11:54 p.m.32 views

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

10CVSS9.6AI score0.03572EPSS
Exploits2
FreeBSD
FreeBSD
added 2013/04/24 12:0 a.m.32 views

Joomla! -- XXS and DDoS vulnerabilities

The JSST and the Joomla! Security Center report: 20130405 - Core - XSS Vulnerability Inadequate filtering leads to XSS vulnerability in Voting plugin. 20130403 - Core - XSS Vulnerability Inadequate filtering allows possibility of XSS exploit in some circumstances. 20130402 - Core - Information...

5.5CVSS5.8AI score0.04848EPSS
Exploits6References1
Cvelist
Cvelist
added 2013/02/08 8:0 p.m.20 views

CVE-2013-1465

The Cubecart::basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object...

9.4AI score0.07086EPSS
Exploits6References9
Rows per page
Query Builder