• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-1236

CVE-2018-16308

February 26, 2023 by

The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.

CVE-2018-16275

February 26, 2023 by

OPSWAT MetaDefender before v4.11.2 allows CSV injection.

CVE-2018-15571

February 26, 2023 by

The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.

CVE-2018-15474

February 26, 2023 by

** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export. NOTE: the vendor has stated “this is not a security problem in DokuWiki.”

CVE-2018-12244

February 26, 2023 by

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

CVE-2018-11652

February 26, 2023 by

CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Interim pages omitted …
  • Go to page 26
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE