CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Tripexpress Project: >> Tripexpress >> 1.1 Security Vulnerabilities

CVE-2021-43691

tripexpress v1.1 is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src is coming from $_SERVER["argv"] then there is a path manipulation vulnerability.

CVSS Score

9.8

EPSS Score

0.005

Published

2021-11-29

Page 1

Vulnerabilities

Vulnerable Software

Tripexpress Project: >> Tripexpress >> 1.1 Security Vulnerabilities

Products

Pricing

Contact Us