CSV Injection

Poweradmin is vulnerable to CSV Injection. The vulnerability is due to improper sanitization of user-controlled data before exporting it to CSV files, which allows an attacker to inject malicious spreadsheet formulas that execute when an administrator opens the exported file...

GHSA-3H6H-67X3-CV5X Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications

Description: Summary Poweradmin v4.4.0 is vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing formula trigger characters =, +, -, @. When an administrator export...

Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications

Description: Summary Poweradmin v4.4.0 is vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing formula trigger characters =, +, -, @. When an administrator export...

PT-2026-47544

Description: Summary Poweradmin v4.4.0 is vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing formula trigger characters =, +, -, @. When an administrator export...

PT-2026-47615

Description: Summary Poweradmin v4.4.0 is vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing formula trigger characters =, +, -, @. When an administrator export...

Multiple Vulnerabilities in Joomla! JSN PowerAdmin Extensio

Joomla is the United States Open Source Matters team developed a set of open source content management system CMS. j Cross-site scripting vulnerability and cross-site request forgery vulnerability exists in Joomla! JSN PowerAdmin Extensio version 2.3.0, which can be exploited by an attacker to...

JSN PowerAdmin extension for Joomla!: source code security analysis report

Several vulnerabilities were discovered in JoomlaShine 'JSN PowerAdmin extension for Joomla!' software: Using Insufficiently Random Generators in Cryptography HttpOnly Cookies Incorrect Permissions for External Entities During XML Document Processing Incorrect User Input Filtration when...

Joomla! Extension JSN Poweradmin 2.3.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and XSS vulnerabilities --------------------------------------------------------- Product: JSN PowerAdmin Joomla! Extension Vendor: JoomlaShine.com Tested Versions: 2.3.0 Other...

JSN PowerAdmin 2.3.0 Code Exection / CSRF / XSS

--------------------------------------------------------- RatioSec Research Security Advisory RS-2016-001 --------------------------------------------------------- JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and XSS vulnerabilities...

FreeBSD : poweradmin -- multiple XSS vulnerabilities (f7809d9e-6af0-11e2-8e32-080027d768d3)

Multiple cross-site scripting XSS vulnerabilities Multiple scripts are vulnerable to XSS attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and...

Poweradmin index.php XSS

The Poweradmin install hosted on the remote web server is affected by a cross-site scripting vulnerability because it fails to properly sanitize user input appended to the URL of the 'index.php' script. An attacker may be able to leverage this to inject arbitrary HTML and script code into a user'...

Poweradmin - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/55619/info Poweradmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Poweradmin - index.php Cross-Site Scripting

Poweradmin - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/55619/info Poweradmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

poweradmin -- multiple XSS vulnerabilities

Multiple cross-site scripting XSS vulnerabilities Multiple scripts are vulnerable to XSS attacks...