diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php
index a0ef8878d1f7a15dc3f0d3bc332a24b975e613ba..38e485ae56347ed41f2ecb08e9b9acb42618f4be 100644
--- a/htdocs/comm/propal.php
+++ b/htdocs/comm/propal.php
@@ -2194,7 +2194,7 @@ if ($action == 'create')
 
 		$ref = dol_sanitizeFileName($object->ref);
 		include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php';
-		$fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/'));
+		$fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 		$file = $fileparams ['fullname'];
 
 		// Define output language
@@ -2219,7 +2219,7 @@ if ($action == 'create')
 				dol_print_error($db, $result);
 				exit();
 			}
-			$fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/'));
+			$fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 			$file = $fileparams ['fullname'];
 		}
 
diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index e6be7a8d74bf94729f762c4729680e1ae4d5517f..e932a9eb4995a38f6d7c52dab10f66316da97832 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -2285,7 +2285,7 @@ if ($action == 'create' && $user->rights->commande->creer) {
 
 			$ref = dol_sanitizeFileName($object->ref);
 			include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php';
-			$fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/'));
+			$fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 			$file = $fileparams ['fullname'];
 
 			// Define output language
@@ -2310,7 +2310,7 @@ if ($action == 'create' && $user->rights->commande->creer) {
 					dol_print_error($db, $result);
 					exit();
 				}
-				$fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/'));
+				$fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 				$file = $fileparams ['fullname'];
 			}
 
diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php
index e247863a01519acd3900e3cec9ae80b5572f94b1..86e027034b045cc65385b64b70908a700d3f3ca1 100644
--- a/htdocs/compta/facture.php
+++ b/htdocs/compta/facture.php
@@ -3561,7 +3561,7 @@ if ($action == 'create')
 
 		$ref = dol_sanitizeFileName($object->ref);
 		include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php';
-		$fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/'));
+		$fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 		$file = $fileparams ['fullname'];
 
 		// Define output language
@@ -3586,7 +3586,7 @@ if ($action == 'create')
 				dol_print_error($db, $result);
 				exit();
 			}
-			$fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/'));
+			$fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 			$file = $fileparams ['fullname'];
 		}
 
diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php
index 7187506db148c4c7c5374f7632f9a0b3dd0cab34..d072e9978a355627e088766e9cf0921e60635f55 100644
--- a/htdocs/expedition/card.php
+++ b/htdocs/expedition/card.php
@@ -1621,7 +1621,7 @@ else if ($id || $ref)
 	{
 		$ref = dol_sanitizeFileName($object->ref);
 		include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-		$fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/'));
+		$fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 		$file=$fileparams['fullname'];
 
 		// Define output language
@@ -1648,7 +1648,7 @@ else if ($id || $ref)
 				dol_print_error($db,$result);
 				exit;
 			}
-			$fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/'));
+			$fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 			$file=$fileparams['fullname'];
 		}
 
diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php
index f5fcd07670997cf1d1a393a083c562d831924e1f..19616ba8fa0669cd0dfd5cd1dd41ca1594e8ed32 100644
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -1732,7 +1732,7 @@ else if ($id > 0 || ! empty($ref))
 	{
 		$ref = dol_sanitizeFileName($object->ref);
 		include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-		$fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/'));
+		$fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 		$file=$fileparams['fullname'];
 
 		// Define output language
@@ -1759,7 +1759,7 @@ else if ($id > 0 || ! empty($ref))
 				dol_print_error($db,$result);
 				exit;
 			}
-			$fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/'));
+			$fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 			$file=$fileparams['fullname'];
 		}
 
diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php
index a6ac9c42b56bc9f8e73ab19ff5a3ea4579ecbeee..b886ed55d88dc85a78b1032fcea0ebe4954011fa 100644
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@@ -1920,7 +1920,7 @@ elseif (! empty($object->id))
 	{
 		$ref = dol_sanitizeFileName($object->ref);
 		include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-		$fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/'));
+		$fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 		$file=$fileparams['fullname'];
 
 		// Define output language
@@ -1947,7 +1947,7 @@ elseif (! empty($object->id))
 				dol_print_error($db,$result);
 				exit;
 			}
-			$fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/'));
+			$fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
 			$file=$fileparams['fullname'];
 		}
 
diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php
index 54ef660f6aa7981b0b277fa4e8fe96c80ba01ae0..947db69fda5a366ba91689fca3dbcc895775e365 100644
--- a/htdocs/fourn/facture/card.php
+++ b/htdocs/fourn/facture/card.php
@@ -2396,7 +2396,7 @@ else
         {
             $ref = dol_sanitizeFileName($object->ref);
             include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-            $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/'));
+            $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
             $file=$fileparams['fullname'];
 
             // Define output language
@@ -2423,7 +2423,7 @@ else
                     dol_print_error($db,$result);
                     exit;
                 }
-                $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/'));
+                $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'\.([a-z0-9])+$');
                 $file=$fileparams['fullname'];
             }