snyk-labs/php-goof

Releases0

Stars26

Snyk PHP Goof - A vulnerable PHP demo application

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-28368 ↗	Apr 3, 2022Sunday, 3 April 2022, 03:15	9.8 CRITICAL	7.5 HIGH
Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).