CVE-2023-23169
MEDIUMSynapsoft pdfocus 1.17 - Path Traversal and Server-Side Request Forgery
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2023-23169. PoCs published by S4nshine.
AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2023-23169, demonstrating Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF) vulnerabilities in PDFocus services. The exploit involves uploading a crafted DOCX file containing an iframe tag to trigger the vulnerabilities.
Description
Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal.
Exploits (1)
This repository provides a functional proof-of-concept for CVE-2023-23169, demonstrating Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF) vulnerabilities in PDFocus services. The exploit involves uploading a crafted DOCX file containing an iframe tag to trigger the vulnerabilities.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N