CVE-2026-7182 Path Traversal in Diagram
Diagram's export module is vulnerable to Path Traversal in the src attribute due to a lack of HTML sanitization. An unauthenticated user could craft an HTML payload which could include local files from the server and display them in the generated PDF. This issue was fixed in version 1.1.1...
PT-2026-41297
Diagram's export module is vulnerable to Path Traversal in the src attribute due to a lack of HTML sanitization. An unauthenticated user could craft an HTML payload which could include local files from the server and display them in the generated PDF. This issue was fixed in version 1.1.1...
PT-2026-26335
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An arbitrary file read...
The vulnerability of the export plugin for Better PDF Exporter, a data processing center for Atlassian Jira Server and Data Center, allows a hacker to view arbitrary PDF files.
The vulnerability of the Better PDF Exporter plugin for exporting PDF files from Atlassian Jira Server and Data Center lies in insufficient testing of server-side requests. Exploiting this vulnerability could allow attackers to view arbitrary PDF files...
DTEN D5 and DTEN D7 Information Disclosure Vulnerabilities (CNVD-2020-03013)
The DTEN D5 and DTEN D7 are both stylus pens from DTEN. A security vulnerability exists in the DTEN D5 version prior to 1.3 and the D7 version prior to 1.3, which originates when the program passes user data files over the HTTP protocol. The vulnerability can be exploited by an attacker to access...