CVE-2010-4879

HIGH

7.5

CVSS Severity Score

EPSS Score0.0510%

EPSS Percentile22.07th

Published2011年10月7日

Last Modified2026年4月29日

Vulnerability Description

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter.

Affected Platforms (CPE)

📦

Digitaljunkies

Dompdf

= 0.6.0

References & Advisories

🔗 http://www.exploit-db.com/exploits/14851

相關漏洞威脅

CVE-2021-38389.8

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into...

CVE-2014-50138.8

DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.

CVE-2014-62357.5

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via ...

CVE-2013-07247.5

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before ...