6 matches found

ATTACKERKB
added 2026/01/27 3:23 p.m. | 3 views

CVE-2020-36941

Knockpy 4.1.1 contains a CSV injection vulnerability that allows attackers to inject malicious formulas into CSV reports through unfiltered server headers. Attackers can manipulate server response headers to include spreadsheet formulas that will execute when the CSV is opened in spreadsheet...

CVSS 9.8 | AI score 6 | EPSS 0.00094
Exploits: 1 | References: 3 | Affected Software: 1
GithubExploit
added 2025/03/26 10:26 a.m. | 502 views

Exploit for CVE-2025-30208

Chinese | English Vite Dev Server Vulnerability...

CVSS 6 | AI score 6.9 | EPSS 0.89847
Exploits: 32
OSV
added 2024/07/09 4:15 p.m. | 3 views

CVE-2024-27785

An improper neutralization of formula elements in a CSV File CWE-1236 vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports...

CVSS 6.5 | AI score 6 | EPSS 0.00866
Exploits: 0 | References: 1
CVE
added 2024/07/09 3:33 p.m. | 56 views

CVE-2024-27785

CVE-2024-27785 affects Fortinet FortiAIOps 2.0.0. The flaw is improper neutralization of formula elements in CSV files, allowing a remote authenticated attacker to execute arbitrary commands on a client’s workstation via poisoned CSV reports. Exploitation requires authentication; an attacker can ...

CVSS 6.5 | AI score 7.1 | EPSS 0.00866
Exploits: 0 | References: 1 | Affected Software: 1
Qualys Blog
added 2019/09/23 2:56 p.m. | 101 views

Empower your Cloud Ops Teams – Publish Qualys CloudView Security Assessment Reports to their Slack Channel

In today’s constantly changing and evolving cloud environments, being able to quickly provide information on misconfigurations and security policy violations in your cloud accounts and assets has become a critical need to the success of your security operations. Many cloud platforms offer tools...

AI score 7
Exploits: 0
OSV
added 2018/06/01 3:29 p.m. | 1 views

DEBIAN-CVE-2018-11652

CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report...

CVSS 9.8 | AI score 7.5 | EPSS 0.33586
Exploits: 5 | References: 1