CVE-2010-4879

HIGH

7.5

CVSS Severity Score

EPSS Score0.0510%

EPSS Percentile22.07th

PublishedOct 7, 2011

Last ModifiedApr 29, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter.

Affected Platforms (CPE)

📦

Digitaljunkies

Dompdf

= 0.6.0

References & Advisories

🔗 http://www.exploit-db.com/exploits/14851

Related Vulnerabilities

CVE-2021-38389.8

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into...

CVE-2014-50138.8

DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.

CVE-2014-62357.5

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via ...

CVE-2013-07247.5

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before ...