250 matches found
CVE-2026-22200
Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...
CVE-2026-22200
The CVE-2026-22200 issue affects Enhancesoft osTicket 1.18.x before 1.18.3 and 1.17.x before 1.17.7, where the ticket PDF export path allows an arbitrary file read. A vulnerability arises when a ticket submission includes crafted rich-text HTML with PHP filter expressions, which are not adequatel...
EUVD-2026-1918
Enhancesoft osTicket versions up to and including 1.18.2 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficiently sanitized before bein...
CVE-2026-22200 osTicket (1.18.x < 1.18.3, 1.17.x < 1.17.7) PDF Export Arbitrary File Read
Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...
CVE-2026-22200 osTicket (1.18.x < 1.18.3, 1.17.x < 1.17.7) PDF Export Arbitrary File Read
Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...
CVE-2026-22200
Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...
Enhancesoft osTicket Injection Vulnerability
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. Enhancesoft osTicket 1.18.2 and earlier versions contain an injection vulnerability that stems from an arbitrary file read in the ticket PDF export function, which could lead to ...
PT-2026-2291
Name of the Vulnerable Software and Affected Versions: osTicket versions 1.17.x prior to 1.17.7 and 1.18.x prior to 1.18.3. Description: osTicket versions 1.17.x prior to 1.17.7 and 1.18.x prior to 1.18.3 contain an arbitrary file read issue in the ticket PDF export functionality. An attacker can...
CVE-2026-22600
OpenProject is an open-source, web-based project management software. A Local File Read (LFR) vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...
CVE-2026-22600 OpenProject is Vulnerable to Arbitrary File Read via ImageMagick SVG Coder
OpenProject is an open-source, web-based project management software. A Local File Read (LFR) vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...
EUVD-2026-1887
OpenProject is an open-source, web-based project management software. A Local File Read (LFR) vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...
CVE-2026-22600
OpenProject before 16.6.4 is affected by a Local File Read (LFR) vulnerability in the work package PDF export feature. An attacker can craft an SVG file disguised as a PNG and upload it as a work package attachment; during PDF export, ImageMagick is triggered to resize the image, causing the text...
PT-2026-2220
Name of the Vulnerable Software and Affected Versions: OpenProject versions prior to 16.6.4. Description: OpenProject is a web-based project management software. A Local File Read issue exists in the work package PDF export functionality. By uploading a specially crafted SVG file disguised as a PNG ...
Uncontrolled Search Path Element
Overview: Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unsafe executable resolution when exporting notebooks containing SVG output to PDF. During export, the svg2pdf.py preprocessor resolves the inkscape executable using shutil.which, which on Windows...
CVE-2024-14010
Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...
CVE-2025-11693
CVE-2025-11693 affects the WordPress plugin “Export WP Page to Static HTML & PDF” (versions up to 4.3.4). It exposes authentication cookies via a publicly accessible cookies.txt log file, potentially leaking cookies injected during backups triggered by high-privilege roles (e.g., administrator). ...
EUVD-2024-55353
Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...
CVE-2024-14010
Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...
CVE-2024-14010 Typora 1.7.4 OS Command Injection via Export PDF Preferences
Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...
CVE-2024-14010 Typora 1.7.4 OS Command Injection via Export PDF Preferences
Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...