CVE-2026-8193 | Akaunting 3.1.21 Invoice PDF Rendering config/dompdf.php server-side request forgery

Inserito da Angelo Barbosa | Mag 8, 2026 | CVE

A vulnerability labeled as critical has been found in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery.

The identification of this vulnerability is CVE-2026-8193. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-8193 | Akaunting 3.1.21 Invoice PDF Rendering config/dompdf.php server-side request forgery

Post correlati

CVE-2024-57875 | Linux Kernel up to 6.12.4 disk_zone_is_conv null pointer dereference

Issue 278 | LigeroSmart up to 6.1.24 Environment Variable REQUEST_URI cross site scripting

CVE-2024-0779 | Enjoy Social Feed Plugin up to 6.2.2 on WordPress cross-site request forgery

CVE-2024-5076 | WP-FeedStats wp-eMember Plugin up to 10.6.5 on WordPress cross-site request forgery