CVE-2019-25729

PDF Signer 3.0 Server-Side Template Injection RCE via CSRF Cookie

CVSS 9.3 CRITICALEPSS 0.3%CWE-352

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shell_exec() to execute system commands and retrieve sensitive information from the server.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

simcy_creative · PDF Signer

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/46276unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://codecanyon.net/item/signer-create-digital-signatures-and-sign-pdf-documents-online/20737707 https://codecanyon.net/user/simcy_creative https://www.exploit-db.com/exploits/46276 https://www.vulncheck.com/advisories/pdf-signer-server-side-template-injection-rce-via-csrf-cookie