
319 matches found

Cvelist
added 2018/01/23 6:0 a.m., 20 views

CVE-2017-18049

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

5.3 AI score, 0.00916 EPSS
Exploits: 1, References: 2

0day.today
added 2017/12/27 12:0 a.m., 25 views

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SilverStripe CMS - 3.6.2 CSV Excel Macro Injection Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince...

0.1 AI score
Exploits: 0

Packet Storm
added 2017/12/26 12:0 a.m., 38 views

SilverStripe CMS 3.6.2 CSV Excel Macro Injection

Exploit Title: SilverStripe CMS - 3.6.2 CSV Excel Macro Injection Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: web...

Exploits: 0

exploitpack
added 2017/12/26 12:0 a.m., 38 views

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection Exploit Title: SilverStripe CMS - 3.6.2 CSV Excel Macro Injection Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince Websit...

Exploits: 0

Exploit DB
added 2017/12/26 12:0 a.m., 45 views

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection

Exploit Title: SilverStripe CMS - 3.6.2 CSV Excel Macro Injection Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: web...

7.4 AI score
Exploits: 0

OSV
added 2017/10/24 9:29 p.m., 11 views

CVE-2017-15879

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export...

8.8 CVSS, 7 AI score
Exploits: 0, References: 3

Tenable Nessus
added 2017/09/06 12:0 a.m., 28 views

openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)

This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-12927: Cross-site scripting vulnerability in method parameter bsc1054390 - CVE-2017-12978: Cross-site scripting vulnerability via the title field bsc1054742 It also contains a...

6.1 CVSS, 6.3 AI score, 0.01374 EPSS
Exploits: 0, References: 4

OSV
added 2017/07/17 1:18 p.m., 2 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.8 CVSS, 5.8 AI score, 0.02625 EPSS
Exploits: 0, References: 1

NVD
added 2017/07/17 1:18 p.m., 9 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.8 CVSS, 9.6 AI score, 0.02625 EPSS
Exploits: 0, References: 1

Prion
added 2017/07/17 1:18 p.m., 12 views

Design/Logic Flaw

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

7.5 CVSS, 9.5 AI score, 0.02625 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2017/07/13 8:0 p.m., 13 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.6 AI score, 0.02625 EPSS
Exploits: 0, References: 1

Prion
added 2017/03/27 5:59 p.m., 24 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi...

4.3 CVSS, 6.1 AI score, 0.01486 EPSS
Exploits: 0, References: 5, Affected Software: 2

UbuntuCve
added 2017/03/27 5:59 p.m., 28 views

CVE-2015-8010

Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi...

6.1 CVSS, 6.7 AI score, 0.01486 EPSS
Exploits: 0, References: 3

OSV
added 2017/03/27 5:59 p.m., 1 views

UBUNTU-CVE-2015-8010

Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi...

6.1 CVSS, 6.7 AI score, 0.01486 EPSS
Exploits: 0, References: 4

Debian CVE
added 2017/03/27 5:0 p.m., 28 views

CVE-2015-8010

Removed by vendor...

6.1 CVSS, 6.6 AI score, 0.01486 EPSS
Exploits: 0

OSV
added 2017/02/21 7:59 a.m., 2 views

CVE-2017-6095

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: listid...

9.8 CVSS, 5.8 AI score, 0.05643 EPSS
Exploits: 7, References: 3

NVD
added 2017/02/21 7:59 a.m., 21 views

CVE-2017-6095

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: listid...

9.8 CVSS, 9.8 AI score, 0.05643 EPSS
Exploits: 7, References: 3

Cvelist
added 2017/02/21 7:46 a.m., 33 views

CVE-2017-6095

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: listid...

9.8 AI score, 0.05643 EPSS
Exploits: 7, References: 3

n0where
added 2017/01/31 5:43 a.m., 31 views

AD ACL Scanner

AD ACL Scanner AD ACL Scanner is a tool completely written in PowerShell with GUI used to create reports of access control lists (DACLs) and system access control lists (SACLs) in Active Directory. New Features Faster compare of Access Control Lists using USN from replication metadata. Primary...

7.1 AI score
Exploits: 0

Citrix
added 2016/09/22 12:0 a.m., 14 views

UDAdmin.exe tool has been enhanced for better reporting and exporting of User Device License usage

Question: How to check license usage in Xendesktop/Xenapp with the enhanced UDAdmin.exe tool for reporting and monitoring? Answer: With License Server 11.14.0.1 Build 23101, some enhancements have been made to the UDAdmin command for better reporting of User Device License usage. The enhancements...

7.4 AI score
Exploits: 0