• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-1236

CVE-2020-25445

February 26, 2023 by

The “Subscribe” feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a result when admin in backend download and open the csv, content of the cells are executed.

CVE-2020-25398

February 26, 2023 by

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.

CVE-2020-25170

February 26, 2023 by

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.

CVE-2020-24707

February 26, 2023 by

Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.

CVE-2020-22390

February 26, 2023 by

Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.

CVE-2020-22274

February 26, 2023 by

JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer’s profile.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 6
  • Go to page 7
  • Go to page 8
  • Go to page 9
  • Go to page 10
  • Interim pages omitted …
  • Go to page 26
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE