
Github Security Blog
added 2026/05/08 10:22 p.m.

Kimai has an arbitrary file read in its invoice PDF renderer (admin)

Summary: Users with the role System-Admin (ROLESYSTEADMIN) and the permission uploadinvoicetemplate can upload PDF invoice templates, which can call pdfContext.setOption('associatedfiles', ...) inside the sandboxed Twig render. This is forwarded to mPDF's SetAssociatedFiles, whose writer calls...

CVSS 4.9 | AI score 5.8 | EPSS 0.00071
Exploits 0 | References 4 | Affected Software 1
OSV
added 2026/05/08 10:22 p.m.

GHSA-H5FH-7HWR-97MW Kimai has an arbitrary file read in its invoice PDF renderer (admin)

Summary: Users with the role System-Admin (ROLESYSTEADMIN) and the permission uploadinvoicetemplate can upload PDF invoice templates, which can call pdfContext.setOption('associatedfiles', ...) inside the sandboxed Twig render. This is forwarded to mPDF's SetAssociatedFiles, whose writer calls...

CVSS 4.1 | AI score 5.8 | EPSS 0.00071
Exploits 0 | References 4
NVD
added 2026/05/08 4:16 a.m.

CVE-2026-44298

Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin (ROLESYSTEADMIN) and the permission uploadinvoicetemplate can upload PDF invoice templates, which can call pdfContext.setOption('associatedfiles', ...) inside the sandboxe...

CVSS 4.9 | EPSS 0.00071
Exploits 0 | References 2
Positive Technologies
added 2026/05/08 12:00 a.m.

PT-2026-38651

Name of the Vulnerable Software and Affected Versions: Kimai versions 2.32.0 through 2.55.x. Description: Users with the System-Admin role (ROLE SYSTE ADMIN) and the upload invoice template permission can upload PDF invoice templates that execute pdfContext.setOption('associated files', ...) within the...

CVSS 4.9 | AI score 5.8 | EPSS 0.00071
Exploits 0 | References 7
Metasploit
added 2026/04/07 7:01 p.m.

osTicket Arbitrary File Read via PHP Filter Chains in mPDF

This module exploits an arbitrary file read vulnerability in osTicket (CVE-2026-22200). The vulnerability exists in osTicket's PDF export functionality, which uses mPDF. By injecting a specially crafted HTML payload containing PHP filter chain URIs into a ticket reply, an attacker can read arbitrary...

CVSS 8.7 | AI score 6.2 | EPSS 0.74425
Exploits 3
Snyk
added 2026/01/13 11:52 p.m.

PHP Remote File Inclusion

Overview: mpdf/mpdf is a PHP library generating PDF files from UTF-8 encoded HTML. Affected versions of this package are vulnerable to PHP Remote File Inclusion via the annotation file parameters. An attacker can access arbitrary system files by supplying crafted annotation content containing file...

CVSS 8.7 | AI score 7.1 | EPSS 0.00042
Exploits 1 | References 2
OSV
added 2026/01/13 11:15 p.m.

CVE-2022-50897

mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications...

CVSS 5.5 | AI score 6
Exploits 0 | References 3
NVD
added 2026/01/13 11:15 p.m.

CVE-2022-50897

mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications...

CVSS 8.7 | EPSS 0.00042
Exploits 1 | References 3
RedhatCVE
added 2026/01/13 10:52 p.m.

CVE-2026-22200

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

CVSS 8.7 | AI score 5.9 | EPSS 0.74425
Exploits 3 | References 1
Vulnrichment
added 2026/01/13 10:51 p.m.

CVE-2022-50897 mPDF 7.0 - Local File Inclusion

mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications...

CVSS 8.7 | AI score 6.2 | EPSS 0.00042
Exploits 1 | References 3
CVE
added 2026/01/13 10:51 p.m.

CVE-2022-50897

mPDF 7.0 is affected by a local file inclusion through crafted annotation file parameters, allowing reading arbitrary system files via URL-encoded or base64 payloads. Root cause: annotation content that specifies file paths enables LFI. Impact is high on confidentiality; no explicit exploit detai...

CVSS 8.7 | AI score 6.2 | EPSS 0.00042
Exploits 1 | References 3 | Affected Software 1
Cvelist
added 2026/01/13 10:51 p.m.

CVE-2022-50897 mPDF 7.0 - Local File Inclusion

mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications...

CVSS 8.7 | EPSS 0.00042
Exploits 1 | References 3
CNNVD
added 2026/01/13 12:00 a.m.

mPDF Security Vulnerability

mPDF is an open source library written in PHP for converting HTML to PDF files. mPDF version 7.0 has a security vulnerability that stems from a local file inclusion flaw in the annotation file parameters, which may lead to reading arbitrary syste...

CVSS 8.7 | AI score 5.9 | EPSS 0.00042
Exploits 1 | References 3
Positive Technologies
added 2026/01/13 12:00 a.m.

PT-2026-2373

Name of the Vulnerable Software and Affected Versions: mPDF versions 7.0. Description: The software contains a local file inclusion issue that could allow attackers to read arbitrary system files. This is achieved by manipulating annotation file parameters, enabling the use of URL-encoded or base64...

CVSS 8.7 | AI score 5.6 | EPSS 0.00042
Exploits 1 | References 6
EUVD
added 2025/10/03 8:07 p.m.

EUVD-2024-25136

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 8.6 | EPSS 0.00196
Exploits 0 | References 2
EUVD
added 2025/10/03 8:07 p.m.

EUVD-2025-31309

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00032
Exploits 0 | References 2
EUVD
added 2025/10/03 8:07 p.m.

EUVD-2021-34243

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 5.1 | EPSS 0.002
Exploits 0 | References 9
EUVD
added 2025/10/03 8:07 p.m.

EUVD-2022-2163

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.8 | EPSS 0.00318
Exploits 1 | References 3
RedhatCVE
added 2025/09/27 8:44 a.m.

CVE-2025-60040

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fkrauthan wp-mpdf allows Stored XSS. This issue affects wp-mpdf: from n/a through <= 3.9.1...

CVSS 6.5 | AI score 5.9 | EPSS 0.00032
Exploits 0 | References 1
Patchstack
added 2025/09/26 9:48 a.m.

WordPress wp-mpdf Plugin <= 3.9.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin wp-mpdf versions <= 3.9.1...

CVSS 6.5 | AI score 6 | EPSS 0.00032
Exploits 0 | Affected Software 1