2 matches found
PT-2026-49156
Summary CSV formula injection also known as formula injection or CSV injection affects customer export. User-controlled values customer names, email addresses, and shipping addresses. When an administrator opens a crafted Export in Microsoft Excel or LibreOffice Calc, formulas embedded in user da...
PT-2018-12770 · Php · Php Template Store Script
Name of the Vulnerable Software and Affected Versions: PHP Template Store Script version 3.0.6 Description: The issue allows for cross-site scripting XSS attacks through specific fields in a user's profile, including the Address line 1, Address Line 2, Bank name, or A/C Holder name field...