CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-51058

Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through <img> src tag, potentially exposing sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.6%

CVSS Severity

CVSS v3 Score 6.2

References

https://github.com/saravana-hackz/vulnerability-research/tree/main/CVE-2024-51058
https://github.com/tecnickcom/TCPDF
https://github.com/tecnickcom/TCPDF/commit/bfa7d2b6d455ebf72ebe3d48fbd487ee5a1f6f3b

Products affected by CVE-2024-51058

Tcpdf Project » Tcpdf » Version: 6.7.5

cpe:2.3:a:tcpdf_project:tcpdf:6.7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-51058

Products

Pricing

Contact Us