Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-86336
HistoryNov 23, 2022 - 12:00 a.m.

Event Registration App CSV Injection Vulnerability

2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
javascript
event registration
csv injection
vulnerability
carlo montero
developer
v1.0
improper use
formula elements
first name
contact
remarks
arbitrary code
crafted excel file
execute

EPSS

0.001

Percentile

36.3%

JSON

Event Registration App is a JavaScript application for registering event participants by Carlo Montero’s personal developer. v1.0 of the Carlo Montero Event Registration App is vulnerable to CSV injection, which stems from improper use of the formula elements in the First Name, Contact and Remarks fields, and can be exploited to execute arbitrary code via a crafted excel file to execute arbitrary code.

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2022-44830
2022-11-21 18:15:25
cve
cve
CVE-2022-44830
2022-11-21 18:15:25
prion
prion
Input validation
2022-11-21 18:15:00
cvelist
cvelist
CVE-2022-44830
2022-11-21 00:00:00

EPSS

0.001

Percentile

36.3%

JSON
Related for CNVD-2022-86336
nvd1cve1prion1cvelist1