CVE-2024-51058

MEDIUM Year: 2024
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-552
View all →

Vulnerability Description

Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through <img> src tag, potentially exposing sensitive information.

Related Vulnerabilities

CVE-2025-25267

MEDIUM
CVSS:6.2(Medium)

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not p...

CWE-5522025

CVE-2019-12375

MEDIUM
CVSS:6.3(Medium)

Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution.

CWE-5522019

CVE-2020-11469

MEDIUM
CVSS:6.3(Medium)

Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root ...

CWE-5522020

CVE-2021-31850

MEDIUM
CVSS:6.1(Medium)

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration ...

CWE-5522021

CVE-2023-47612

MEDIUM
CVSS:6.1(Medium)

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinteri...

CWE-5522023

CVE-2021-1256

MEDIUM
CVSS:6.0(Medium)

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory ...

CWE-5522021