CWE-1236: CWE-1236

CVE-2023-53929 is a CSV injection vulnerability in phpMyFAQ 3.1.12 that allows authenticated users to inject malicious formulas into their profile nam...

CVE-2023-53913 is a CSV injection vulnerability in Rukovoditel 3.3.1 that allows authenticated users to inject malicious formulas into user profile fi...

CVE-2023-51336 is a CSV injection vulnerability in PHPJabbers Meeting Room Booking System v1.0 that allows attackers to execute remote code by injecti...

PHPJabbers Cinema Booking System v1.0 has a CSV injection vulnerability that allows attackers to execute arbitrary code on the server. This affects ad...

CVE-2023-51319 is a CSV injection vulnerability in PHPJabbers Bus Reservation System v1.1 that allows attackers to execute arbitrary code through mali...

CVE-2023-51311 is a CSV injection vulnerability in PHPJabbers Car Park Booking System v3.0 that allows attackers to execute remote code by exploiting ...

PHPJabbers Hotel Booking System v4.0 has a CSV injection vulnerability that allows attackers to execute arbitrary code when malicious CSV files are pr...

A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code by uploading specially crafted CSV files. This affects organi...

CVE-2023-48207 is a CSV injection vulnerability in Availability Booking Calendar 5.0 that allows attackers to inject malicious formulas into exported ...

This CVE describes a CSV injection vulnerability in the Directorist WordPress plugin. Attackers can embed malicious formulas in CSV files that execute...

This vulnerability allows authenticated WordPress users with export permissions to inject malicious formulas into CSV files exported via the WP CSV Ex...

This vulnerability allows authenticated attackers to inject malicious formulas into CSV files exported by the Simple CSV/XLS Exporter WordPress plugin...

This CVE describes a CSV injection vulnerability in the WordPress Post to CSV plugin by BestWebSoft. Attackers can embed malicious formulas in CSV fil...

CVE-2022-28864 is a CSV injection vulnerability in Nokia NetAct's Administration of Measurements website section. Malicious users can inject code into...

Minical 1.0.0 and earlier contains a CSV injection vulnerability in the Accounting module's Customer Name field that allows remote code execution when...

This vulnerability allows CSV formula injection attacks in alf.io event management software. Attackers can embed malicious formulas in CSV files that ...

The Exports and Reports WordPress plugin before version 0.9.2 contains a CSV injection vulnerability that allows attackers to inject malicious formula...

The Request a Quote WordPress plugin through version 2.3.7 allows unauthenticated attackers to upload malicious CSV files. When an administrator downl...

This vulnerability in IBM Guardium Data Encryption allows CSV injection attacks where malicious formulas can be embedded in exported CSV files. When o...

CVE-2021-41824 is a CSV injection vulnerability in Craft CMS that allows attackers to inject malicious formulas into exported CSV files. When victims ...

CVE-2021-27020 is a CSV injection vulnerability in Puppet Enterprise where user input wasn't properly sanitized during CSV export operations. This all...

A CSV injection vulnerability in ManageEngine ADSelfService Plus allows unauthenticated attackers to inject malicious formulas into the login panel. W...

CVE-2020-22390 is a CSV injection vulnerability in Akaunting accounting software that allows attackers to inject malicious formulas into exported CSV ...

ProjectSend r1605 contains a CSV injection vulnerability where authenticated users can embed malicious formulas in user profile names. When administra...

This vulnerability in IBM Cognos Controller allows authenticated attackers to perform formula injection attacks by manipulating file contents. Success...

This CSV injection vulnerability in IBM Aspera Console allows authenticated attackers to execute arbitrary code on affected systems by tricking users ...