Lucene search
K

560 matches found

Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.9 views

PT-2025-31487 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: Multiple versions of PowerCMS improperly neutralize formula elements within a CSV file. A malicious user can create a crafted CSV entry. If a victim user downloads and opens this file in...

8CVSS6.3AI score0.00241EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/30 12:0 a.m.4 views

PT-2025-31581

Name of the Vulnerable Software and Affected Versions RSA Archer version 6.11.00204.10014 Description An issue was discovered that allows attackers to execute arbitrary code via crafted system inputs. These inputs are exported into a CSV file, and execution occurs after a user opens the file with...

10CVSS7.8AI score0.0038EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.4 views

PT-2025-31397 · Undefined · Undefined

Уязвимость обработчика CSV-файлов программной платформы для разработки веб-приложений Django связана с неверным ограничением имени пути к каталогу с ограниченным доступом. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код путём внедрения его в...

9CVSS7.3AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 11:35 a.m.9 views

CVE-2025-23110

An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting XSS vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert configurations. An attacker can send the victim a CSV file containing the XSS payload in the...

6.1CVSS5.1AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:32 a.m.6 views

CVE-2024-27113

An unauthenticated Insecure Direct Object Reference IDOR to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying database by exporting it as a CSV file. The vulnerability...

9.8CVSS7.1AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:31 a.m.8 views

CVE-2024-42901

A CSV injection vulnerability in Lime Survey v6.5.12 allows attackers to execute arbitrary code via uploading a crafted CSV file...

4.8CVSS8AI score0.004EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:52 a.m.8 views

CVE-2024-41806

The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using the django default storage. With certain storage backends, uploads may become publicly available...

5.3CVSS6.7AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:39 a.m.10 views

CVE-2024-31939

Cross-Site Request Forgery CSRF vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3...

4.3CVSS5.2AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:4 a.m.6 views

CVE-2024-47572

An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows attacker to execute unauthorized code or commands via manipulating csv file...

9CVSS7.5AI score0.0056EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:13 a.m.8 views

CVE-2023-41798

Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1...

8.8CVSS8.5AI score0.00498EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:3 a.m.7 views

CVE-2023-36527

Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0...

8.8CVSS8.5AI score0.00591EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:54 a.m.13 views

CVE-2023-2252

The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files...

2.7CVSS6.7AI score0.01342EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.9 views

CVE-2023-22719

Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a through 2.25.1...

9.8CVSS8.6AI score0.00629EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:26 a.m.8 views

CVE-2023-3302

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9...

7.8CVSS6.7AI score0.00462EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:58 a.m.7 views

CVE-2023-47534

A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets...

9.6CVSS7.4AI score0.01051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.9 views

CVE-2023-2629

Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9...

7.8CVSS6.7AI score0.00406EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.9 views

CVE-2023-2258

Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304...

8.8CVSS6.8AI score0.00913EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:0 a.m.14 views

CVE-2022-2711

The Import any XML or CSV File to WordPress plugin before 3.6.9 is not validating the paths of files contained in uploaded zip archives, allowing highly privileged users, such as admins, to write arbitrary files to any part of the file system accessible by the web server via a path traversal vect...

7.2CVSS6.8AI score0.03187EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:51 a.m.5 views

CVE-2022-45350

Improper Neutralization of Formula Elements in a CSV File vulnerability in Pär Thernström Simple History – user activity log, audit tool.This issue affects Simple History – user activity log, audit tool: from n/a through 3.3.1...

8.8CVSS8AI score0.0083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:51 a.m.7 views

CVE-2022-45078

Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects User Blocker: from n/a through 1.5.5...

7.2CVSS7AI score0.0069EPSS
Exploits0References1
Rows per page
Query Builder