A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read.
References
Link | Resource |
---|---|
https://optionalctf.com/cve-2020-35340-local-file-inclusion-in-expertpdf-9-5-0-14-1-0/ | Exploit Third Party Advisory |
Configurations
History
24 Sep 2021, 19:28
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-552 | |
References | (MISC) https://optionalctf.com/cve-2020-35340-local-file-inclusion-in-expertpdf-9-5-0-14-1-0/ - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:expertpdf:expertpdf:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
15 Sep 2021, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read. |
15 Sep 2021, 12:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-09-15 12:15
Updated : 2023-12-10 14:09
NVD link : CVE-2020-35340
Mitre link : CVE-2020-35340
CVE.ORG link : CVE-2020-35340
JSON object : View
Products Affected
expertpdf
- expertpdf
CWE
CWE-552
Files or Directories Accessible to External Parties