VYPR
Vendor

Dhtmlx

Products
3
CVEs
3
Across products
3
Status
Private

Products

3

Recent CVEs

3
  • CVE-2026-41552HigMay 15, 2026
    risk 0.49cvss 7.5epss 0.01

    PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated PDF. This…

  • CVE-2024-55214Feb 7, 2025
    risk 0.00cvss epss 0.01

    Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to obtain sensitive information via the file download functionality.

  • CVE-2013-6281Oct 25, 2013
    risk 0.00cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php in the Spreadsheet (dhtmlxSpreadsheet) plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "page" parameter.