13 matches found
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter...
EUVD-2020-17605
Malware in sbrugna...
EUVD-2020-2594
Malware in sbrugna...
CVE-2020-9347
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability via a crafted name that is mishandled by the Export Passwords feature. NOTE: the vendor disputes the significance of this report because they expect CSV risk mitigation to be provided by an external...
CVE-2020-24898
The Table Filter and Charts for Confluence Server app before 5.3.26 for Atlassian Confluence allows SSRF via the "Table from CSV" macro URL parameter...
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter...
Design/Logic Flaw
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter...
CVE-2020-10131 CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter...
PT-2023-1739 · Fortinet · Fortianalyzer
Name of the Vulnerable Software and Affected Versions: Fortinet FortiAnalyzer versions 6.4.0 through 6.4.9 Fortinet FortiAnalyzer versions 7.0.0 through 7.0.5 Fortinet FortiAnalyzer versions 7.2.0 through 7.2.1 Description: The issue is related to the improper neutralization of formula elements i...
CVE-2020-24897
The Table Filter and Charts for Confluence Server app before 5.3.25 for Atlassian Confluence allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting XSS through the provided Markdown markup to the "Table from CSV" macro...
Cross site scripting
The Table Filter and Charts for Confluence Server app before 5.3.25 for Atlassian Confluence allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting XSS through the provided Markdown markup to the "Table from CSV" macro...
CVE-2020-9347
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability via a crafted name that is mishandled by the Export Passwords feature. NOTE: the vendor disputes the significance of this report because they expect CSV risk mitigation to be provided by an external...
Pornhub: CSV Macro injection in Video Manager (CEMI)
Missing character escaping in video title delivery of an executable CSV payload to when exporting stats to file...