CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2026/06/13 11:27 a.m.•6 views

ROOT-APP-NPM-CVE-2024-34448 CVE-2024-34448 in @rootio/tryghost__members-csv - Patched by Root

Root has patched CVE-2024-34448 in the @rootio/tryghostmembers-csv package for Root:npm. Multiple fixed versions available...

8.8CVSS7.8AI score0.00723EPSS

Exploits2

vulnersOsv•added 2024/05/22 6:30 p.m.•7 views

7ghost (>=4.11.0 <=4.11.46), @igames/ghost (>=3.41.6 <=4.0.0-alpha.2) +5 more potentially affected by CVE-2024-34448 via @tryghost/members-csv (>=0.1.2 <=1.2.3)

@tryghost/members-csv NPM version =0.1.2, =4.11.0, =3.41.6, =0.1.0, =3.21.0, =5.4.1 - nshakhatghost =4.17.1 Source cves: CVE-2024-34448 Source advisory: OSV:GHSA-XGWH-CGV9-783V...

8.8CVSS7.2AI score0.00723EPSS

Exploits2

NVD•added 2024/05/22 4:15 p.m.•16 views

CVE-2024-34448

Ghost before 5.82.0 allows CSV Injection during a member CSV export...

8.8CVSS6.9AI score0.00723EPSS

Exploits2References1

OSV•added 2024/05/22 4:15 p.m.•7 views

CVE-2024-34448

Ghost before 5.82.0 allows CSV Injection during a member CSV export...

8.8CVSS8.8AI score0.00723EPSS

Exploits2References1

CVE•added 2024/05/22 4:1 p.m.•72 views

CVE-2024-34448

CVE-2024-34448 affects Ghost prior to 5.82.0. The vulnerability arises in the member CSV export feature, where insufficient input sanitization enables CSV injection in exported files. Documents consistently describe Ghost as vulnerable to CSV injection via the CSV export process. Impact is descri...

8.8CVSS7.1AI score0.00723EPSS

Exploits2References1Affected Software1