10 matches found
CVE-2025-15255
creationtimestamp| type| source ---|---|--- 2025-12-29 10:48:09+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115802458596348796 2025-12-30 17:48:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb7vuzyy4x2q 2026-01-08 11:21:33+00:00| seen|...
CVE-2020-15255
In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software for example, when a cell value starts with an equal sign. This is fixed in version 1.19.23.5325...
Anuko Time Tracker 1.19.23.5325 CSV Injection
Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...
Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection
Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...
CVE-2020-15255 CSV injection in Anuko Time Tracker
In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software for example, when a cell value starts with an equal sign. This is fixed in version 1.19.23.5325...
CVE-2020-15255
CVE-2020-15255 affects Anuko Time Tracker prior to 1.19.23.5325, where a CSV export of a report could contain cells treated as formulas due to insufficient input filtering (CSV/Formula Injection). The underlying vulnerability is the lack of proper filtering of user input in exports, which could a...
CVE-2019-15255
creationtimestamp| type| source ---|---|--- 2020-01-26 12:37:47+00:00| published-proof-of-concept| https://t.me/cveNotify/404...
CVE-2019-15255 Cisco Identity Services Engine Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it...
CVE-2019-15255
Cisco Identity Services Engine (ISE) web-based management interface suffers an authorization bypass due to insufficient URL input sanitization. Authenticated, remote attacker could craft a URL to bypass authentication and access sensitive device information. Affected product is Cisco ISE (notably...
CVE-2017-15255
Summary: CVE-2017-15255 affects IrfanView 4.44 (32-bit) with PDF plugin 4.43. A crafted PDF can cause a denial of service and potentially other impact (Read Access Violation in PDF parser). The vulnerability is local to IrfanView’s PDF handling and thumbnailing paths. Affected component: IrfanVie...