CVE-2018-9035

🗓️ 04 Apr 2018 19:00:29Reported by [email protected]Type

CSV Injection vulnerability in ExportToCsvUtf8.php allows remote attackers to inject spreadsheet formulas into CSV files via Contact Form 7 to Database Extension plugin 2.10.32 for WordPres

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
Patchstack	WordPress Contact Form 7 to Database Extension plugin 2.10.32 - CSV Injection vulnerability	9 Apr 201800:00	–	patchstack
OSV	CVE-2018-9035	4 Apr 201819:29	–	osv
Cvelist	CVE-2018-9035	4 Apr 201819:00	–	cvelist
Prion	Design/Logic Flaw	4 Apr 201819:29	–	prion
Packet Storm	WordPress Contact Form 7 To Database Extension 2.10.32 CSV Injection	31 Mar 201800:00	–	packetstorm
Exploit DB	WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection	30 Mar 201800:00	–	exploitdb
0day.today	Wordpress Contact Form 7 to Database Extension 2.10.32 Plugin - CSV Injection Vulnerability	30 Mar 201800:00	–	zdt
exploitpack	WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection	30 Mar 201800:00	–	exploitpack
WPVulnDB	Contact Form 7 to Database Extension 2.10.32 - CSV Injection	9 Apr 201800:00	–	wpvulndb
CVE	CVE-2018-9035	4 Apr 201819:29	–	cve

Nvd

Node

contact-form-7-to-database-extension_project contact-form-7-to-database-extensionRange≤2.10.32

Source	Link
exploit-db	www.exploit-db.com/exploits/44367/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Apr 2018 19:29Current

9.4High risk

Vulners AI Score9.4

CVSS26.8

CVSS39.6

EPSS0.08818

CWE-1236