CVE-2022-3574

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection...

CVE-2022-1800

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability...

CVE-2021-38180

SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to Excel CSV injection due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim allows to execute macros while...

CVE-2021-24146

Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example...

CVE-2021-0487

In onCreate of CalendarDebugActivity.java, there is a possible way to export calendar data to the sdcard without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

CVE-2020-25824

Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizard but is then distracted. An attacker then approaches the unattended desktop and pushes the Export...

CVE-2020-9458

In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users with minimal privileges to export submitted form data and settings via classrmformcontroller.php rmformexport...

CVE-2019-19458

SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...

CVE-2025-29153

SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters functions...

CVE-2025-29153

SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters functions...

CVE-2025-29153

SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters functions...

CVE-2025-3113

A valid, authenticated user with sufficient privileges and who is aware of Continuous Compliance’s internal database configurations can leverage the application’s built-in Connector functionality to access Continuous Compliance’s internal database. This allows the user to explore the internal...

CVE-2025-3113

CVE-2025-3113 affects Delphix Masking Engine via the built-in Connector feature that exposes Continuous Compliance’s internal database. The root cause is insufficient access control, enabling a valid, authenticated user with privileges to explore the internal database schema and export data, incl...

CVE-2025-24850

An attacker can export other users' plant information...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which stems from an attacker being able to export other users' plant information...

Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library

A powerful Python script that allows you to scrape messages and media from Telegram channels using the Telethon library. Features include real-time continuous scraping, media downloading, and data export capabilities. \ / / / / | | / \ \ \ | | \ \ / \ || \ / / / / Features 🚀 Scrape messages...

CVE-2025-27149

Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries E.g.,...

CVE-2025-27149

Zulip server before 10.0 has a data-export vulnerability (CVE-2025-27149) where export types for organization admins incorrectly included metadata such as user-agent identifiers for integrations and HTTP libraries, and in public data/with-consent exports exposed titles of topics in private channe...

CVE-2025-27149 Zulip exports can leak private data

Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries E.g.,...

CVE-2025-27149 Zulip exports can leak private data

Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries E.g.,...