
251 matches found

RedhatCVE
added 2026/02/11 1:16 p.m. | 3 views

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

CVSS 7.8 | AI score 5.9 | EPSS 0.00134
Exploits: 0 | References: 1

OSV
added 2026/02/10 10:15 a.m. | 2 views

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

CVSS 7.3 | AI score 6 | EPSS 0.00134
Exploits: 0 | References: 1

NVD
added 2026/02/10 10:15 a.m. | 4 views

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

CVSS 7.8 | EPSS 0.00134
Exploits: 0 | References: 1

Vulnrichment
added 2026/02/10 9:58 a.m. | 2 views

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

CVSS 7.8 | AI score 5.9 | EPSS 0.00134
Exploits: 0 | References: 1

Positive Technologies
added 2026/02/10 12:0 a.m. | 3 views

PT-2026-7251

Name of the Vulnerable Software and Affected Versions: NX versions prior to 2512. Description: The application contains a data validation issue that may allow an attacker with local access to manipulate internal data during the PDF export process. This could potentially lead to arbitrary code...

CVSS 7.8 | AI score 5.8 | EPSS 0.00134
Exploits: 0 | References: 6

RedhatCVE
added 2026/02/07 7:22 a.m. | 3 views

CVE-2026-0521

A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through...

CVSS 7.1 | AI score 5.4 | EPSS 0.00263
Exploits: 1 | References: 1

OSV
added 2026/02/06 7:16 a.m. | 2 views

CVE-2026-0521

A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through...

CVSS 6.1 | AI score 5.9 | EPSS 0.00263
Exploits: 1 | References: 2

NVD
added 2026/02/06 7:16 a.m. | 2 views

CVE-2026-0521

A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through...

CVSS 7.1 | EPSS 0.00263
Exploits: 1 | References: 2

ATTACKERKB
added 2026/02/06 6:17 a.m. | 3 views

CVE-2026-0521

A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through...

CVSS 7.1 | AI score 5.4 | EPSS 0.00263
Exploits: 1 | References: 3

Vulnrichment
added 2026/02/06 6:17 a.m. | 4 views

CVE-2026-0521 Reflected Cross-Site Scripting in PDF Export Error Message

A reflected cross-site scripting (XSS) vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through...

CVSS 7.1 | AI score 5.4 | EPSS 0.00263
Exploits: 1 | References: 2

CVE
added 2026/02/06 6:17 a.m. | 10 views

CVE-2026-0521

CVE-2026-0521 is a reflected XSS in TYDAC AG MAP+ PDF export. Affects MAP+ 3.4.0; an unauthenticated attacker can craft a malicious URL that, when visited by a victim, executes arbitrary JavaScript in the victim’s context. Verified in MAP+: 3.4.0. Remediation: there is no confirmed fixed version ...

CVSS 7.1 | AI score 5.4 | EPSS 0.00263
Exploits: 1 | References: 2 | Affected Software: 1

Positive Technologies
added 2026/02/06 12:0 a.m. | 5 views

PT-2026-6678

Name of the Vulnerable Software and Affected Versions: TYDAC AG MAP+ version 3.4.0. Description: A reflected cross-site scripting (XSS) flaw exists in the PDF export functionality. This allows unauthenticated attackers to create a malicious URL. If a victim accesses this URL, arbitrary JavaScript code...

CVSS 7.1 | AI score 5.2 | EPSS 0.00263
Exploits: 1 | References: 6

OSV
added 2026/01/28 6:16 p.m. | 3 views

CVE-2020-36944

ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to...

CVSS 3.3 | AI score 5.5
Exploits: 0 | References: 4

Cvelist
added 2026/01/28 5:35 p.m. | 29 views

CVE-2020-36944 ILIAS Learning Management System 4.3 - SSRF

ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to...

CVSS 6.9 | EPSS 0.00186
Exploits: 1 | References: 4

Vulnrichment
added 2026/01/28 5:35 p.m. | 2 views

CVE-2020-36944 ILIAS Learning Management System 4.3 - SSRF

ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to...

CVSS 6.9 | AI score 5.9 | EPSS 0.00186
Exploits: 1 | References: 4

CNNVD
added 2026/01/28 12:0 a.m. | 3 views

ILIAS code-related vulnerabilities

ILIAS is an open-source learning management system developed by ILIAS. Version 4.3 of ILIAS has code-related vulnerabilities; these vulnerabilities stem from server-side request forgery in the portfolio PDF export function, which may lead to the reading of local files...

CVSS 6.9 | AI score 5.8 | EPSS 0.00186
Exploits: 1 | References: 4

GithubExploit
added 2026/01/25 2:51 p.m. | 149 views

POC-Generator-Burp_Suite_Extension

🎯 POC Generator - Burp Suite Extension From vulnerability...

AI score 6.1
Exploits: 0

Metasploit
added 2026/01/21 6:56 p.m. | 306 views

Authenticated RCE in Splunk (SimpleXML dashboard PDF generation)

This Metasploit module exploits a Remote Code Execution (RCE) vulnerability in Splunk Enterprise. An attacker can inject arbitrary Python code into style parameters, such as the fillColor or lineColor of a sparkline element within a Splunk SimpleXML dashboard. The malicious code is executed when a...

CVSS 8.8 | AI score 7.5 | EPSS 0.14314
Exploits: 5

Packet Storm
added 2026/01/21 12:0 a.m. | 165 views

📄 Splunk Enterprise 8.2.9 / 9.0.2 Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Splunk Enterprise. An attacker can inject arbitrary Python code into style parameters, such as the fillColor or lineColor of a sparkline element within a Splunk SimpleXML dashboard. The malicious code is executed when a user...

CVSS 8.8 | AI score 6.7 | EPSS 0.14314
Exploits: 5

RedhatCVE
added 2026/01/13 10:52 p.m. | 5 views

CVE-2026-22200

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

CVSS 8.7 | AI score 5.9 | EPSS 0.73125
Exploits: 3 | References: 1